From Instagram to insta-banned: Facebook wipes NSO Group workers' personal profiles amid WhatsApp hack rap

Go Zuck yourself, fam

Updated Facebook, Instagram, and WhatsApp are today busy deleting the personal profiles of employees at NSO Group amid an ongoing legal battle.

This move to wipe said staff off the face of Mark Zuckerberg's sprawling cyber-empire comes the day after his antisocial network sued NSO for allegedly illegally hacking the smartphones netizens via a WhatsApp vulnerability. It is believed the Israeli surveillance-ware maker was hired by a mystery customer or customers to infect the handhelds of 1,400 people, including diplomats, government officials, human-rights activists, lawyers, and journalists scattered across the world.

On Wednesday, past and present employees of the spyware biz found their personal profiles on all three Facebook-owned platforms were being removed. One forum post suggested hundreds of folks have been hit – some incorrectly.

"Yesterday, both my personal Facebook and Instagram Profiles were intentionally disabled by the world's greatest privacy violator in the history of mankind, AKA Facebook," wrote NSO's global intelligence services and training manager Guy Brenner in a LinkedIn post.

"Why? Because I work for a company called NSO Group, and according to their statements, have found and used vulnerabilities in their WhatsApp architecture, to provide security agencies and governments sophisticated tools to prevent the next 9/11.

"I just wonder how well that #Libra project will work once you encounter a transaction you won’t be a fan of. Well let me take a guess, you’ll take control over our money.

"One last thing, you’ve done a pretty terrible job blocking so many false-positives (employees’ spouses, friends, etc.), give me a call so I can help you with your link-analysis work. You’ve got my number."

Whatsapp running on an iPhone

WhatsApp slaps app hacker chaps on the rack for booby-trapped chat: NSO Group accused of illegal hacking by Facebook


Brenner is referring to the allegations in WhatsApp's lawsuit that NSO broke into more than 1,000 people's phones to spy on them on behalf of shadowy customers. Facebook and WhatsApp accused NSO of breaking both California and US computer abuse laws.

NSO Group has countered that it does not allow its software to be used for any illegal surveillance, and only sells its tools to legit governments and agencies that investigate terrorism and crime.

Neither side wished to comment on the record. An industry source familiar with the whole brouhaha, however, directed The Register to a passage in WhatsApp's court paperwork that sought to permanently bar NSO Group, as well as its agents and employees, from ever again "accessing or attempting to access WhatsApp’s and Facebook’s service, platform, and computer systems."

This, it seems, is the justification being used by Zuck and Co. to take down the profiles of NSO Group workers. While the antisocial is seeking a legal injunction, it can, in the meantime, use its own terms and conditions to remove the individual profiles. ®

Updated to add

Apparently, a “significant” portion of the hacking victims are high-profile government and military officials in 20 or more countries on five continents, it was reported Thursday.

Keep Reading

NSO Group: Facebook tried to license our spyware to snoop on its own addicts – the same spyware it's suing us over

Antisocial network sought surveillance tech to boost its creepy Onavo Protect app, it is claimed

Family wrongly accused of uploading pedo material to Facebook – after US-EU date confusion in IP address log

Site accessed on 10/11/2016... is that November 10 or October 11?

Spyware maker NSO can't claim immunity, Facebook lawyers insist – it's time to face the music

Software developers aren't nation states, antisocial giant points out

Judge green-lights Facebook, WhatsApp hacking lawsuit against spyware biz NSO, unleashing Zuck's lawyers

Legal discovery team could turn up some very interesting, and possibly embarrassing details

Spyware slinger NSO to Facebook: Pretty funny you're suing us in California when we have no US presence and use no American IT services...

Malware maker urges judge to dump lawsuit over WhatsApp phone snooping

Here's US Homeland Security collaring a suspected arsonist after asking Google for the IP addresses of folks who made a specific search

Don't worry, says the internet giant, this doesn't happen too often

Apple's privacy pledges: We sent dev checks over plain HTTP, logged IP addresses. We bypass firewall apps

Analysis Big Sur highlights shortcomings in OCSP comms, APIs

FYI: When Virgin Media said it leaked 'limited contact info', it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more

Infosec biz that found the database spill raises eyebrow at UK ISP's advisory to subscribers

Biting the hand that feeds IT © 1998–2020