Facebook – NSO Lawsuit: Pegasus Spyware Attacked on Hundreds of WhatsApp Users by 1 Single IP Address

In October 2019, The social network giant Facebook has filed a lawsuit against Israeli based commercial spyware maker NSO group for hacking its WhatsApp messenger by exploiting the zero-day vulnerability and deploy the Pegasus spyware on the targeted user’s device.

The target was resemblances of lawyers, reporters, human rights activists, political agitators, diplomats, and government leaders as well.

Moreover, this battle has the full capability to affect a phone, including the Pegasus malware, next it pinged NSO command and control servers for further guidance regarding what commands to perform and exactly what data to take.

Since the case still under investigation, a piece of new evidence that submitted by the WhatsApp’s software program manager stated in the court document that they find a 2 IP address that mainly used to attack the WhatsApp users and on of the remote server’s IP address was has used for a major attack.

Attack on Hundreds of WhatsApp users by 1 Single IP Address

After reading the whole complaint, it is made clear that this malicious conflict had sent a code during the attack. Well, this code was intended to generate a WhatsApp user’s mobile device to easily connect to a distant server that is not affiliated with WhatsApp.

However, there have been nearly 720 attacks; well, Claudiu Gheorghe, who is a software engineering manager on WhatsApp, employed by Facebook Inc. or WhatsApp Inc., clearly stated that in these attacks, the remote server’s IP address held to be “”. While in another 3 cases of the attack, the remote server’s IP address held to be “”.

Well, all these things have been perceived by the engineers at WhatsApp Inc., and not only that, even all these IPs simply belong to a Los Angeles-based data center provider, QuadraNet Enterprises LLC. 

As if you don’t know, then let me clarify that each and every small detail are very important in this type of case. Therefore the NSO Group team has filed a proposal to expel the case. Well, they also provide a long list of several reasons that involve the loss of jurisdiction of California court to presides over the court. 

After all this, the legal team of Facebook simply denied the allegations and said that this evidence is wrong because NSO has been receiving funding from a California private investment firm and, depending on various servers, resided in the state.

Due to these reasons, the NSO group individually entered into a contract with a California-based technology company, QuadraNet, so they can smoothly perform sites planned schemes and install its spyware on the devices of WhatsApp users.

Well, last year, Facebook said that “all sorts of hacks generate severe damage to WhatsApp, and now it wants to sustain all the responsibility for liable losses to NSO,” now yesterday Facebook repeated the same statement once again. While, in response to this, last year, NSO stated that its commodity had been intended to encourage law enforcement and intelligence services to fight against terrorism and dangerous crime.

Its worth mention here that NSO Group CEO Shalev Hulio recently Claimed that Facebook tried to buy a Pegasus Spyware to monitor better their users especially access to the Apple user’s data and their activities.

So, what do you think about this? Simply share all your views and thoughts in the comment section below.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.