Facebook permanently deletes the accounts of NSO workers
A day after Facebook-owned WhatsApp sued NSO Group, the social media platform has permanently deleted the accounts of employees who work at the Israel-based spyware maker, according to message boards and a security researcher who spoke to one worker.
“Your account has been deleted for not following our terms,” said a message sent to one employee by Facebook-owned Instagram. “You won’t be able to log into this account, and no one else will be able to see it. We’re unable to restore accounts that are deleted for these types of violations.”
The action comes after WhatsApp sued NSO Group on Tuesday for allegedly mass exploiting a critical vulnerability that targeted 1,400 devices with spyware. WhatsApp presented evidence that about 100 of the targets were lawyers, dissidents, human-rights advocates, and other members of civil society. The exploits allowed the attackers to install spyware on iOS and Android phones simply by making a video call to the device.
According to WhatsApp, the attackers made the calls from WhatsApp accounts that were created for the purpose of infecting other WhatsApp users. The attackers also relied on WhatsApp servers to communicate with NSO-operated attack servers. The actions, WhatsApp said, violated not just its terms of service, but also the US Computer and Fraud Abuse Act.
The lawsuit seeks, among other things, a permanent injunction barring all NSO employees from “accessing or attempting to access WhatsApp’s or Facebook’s services, platform, and computer systems.”
A message board popular in Israel indicated that the deletion was widespread. “I had just personally verified it (I have friends working there),” one person wrote. “Ninety-eight percent of the company employees were blocked.”
Another person who claimed to work at NSO responded to say he or she hadn’t been blocked. Another person claiming to be an NSO employee complained bitterly on LinkedIn. An Israel-based security researcher who spoke to an NSO employee said the deletions affected a much smaller percentage of the company’s employees and didn’t involve WhatsApp accounts.
WhatsApp representatives declined to comment. NSO representatives didn’t immediately respond to an email.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.