Spyware maker NSO Group will have to pay more than $167 million in damages to WhatsApp for a 2019 hacking campaign against more than 1,400 users.
On Tuesday, after a five-year legal battle, a jury ruled that NSO Group must pay $167,254,000 in punitive damages and around $444,719 in compensatory damages.
This is a huge legal win for WhatsApp, which had asked for more than $400,000 in compensatory damages, based on the time its employees had to dedicate to remediate the attacks, investigate them, and push fixes to patch the vulnerability abused by NSO Group, as well as unspecified punitive damages.
WhatsApp’s spokesperson Zade Alsawah said in a statement that “our court case has made history as the first victory against illegal spyware that threatens the safety and privacy of everyone.”
Alsawah said the ruling “is an important step forward for privacy and security as the first victory against the development and use of illegal spyware that threatens the safety and privacy of everyone. Today, the jury’s decision to force NSO, a notorious foreign spyware merchant, to pay damages is a critical deterrent to this malicious industry against their illegal acts aimed at American companies and the privacy and security of the people we serve.”
NSO Group’s spokesperson Gil Lainer left the door open for an appeal.
“We will carefully examine the verdict’s details and pursue appropriate legal remedies, including further proceedings and an appeal,” Lainer said in a statement.
The 2024 ransomware attack on Change Healthcare exposed the data of about 190 million people, according to an update from parent company UnitedHealth Group.
The precedent-setting ruling from a Northern California federal judge could lead to massive damages against NSO Group, whose notorious spyware has been reportedly used by various governments worldwide.
An “international cybercriminal group” harvested the personal data of potentially hundreds of thousands of people from the state’s social services and health insurance systems, officials said.
BT Group (formerly British Telecom)'s Conferencing division shut down some of its servers following a Black Basta ransomware attack.
As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.
Universal Music Group is informing hundreds of individuals about a recent data breach impacting personal information.
Threat actors called Vanir Ransomware Group posted a few listings in July. Tonight, however, their onion site has a seized message:
” THIS HIDDEN SITE HAS BEEN SEIZED
by the State Bureau of Investigation Baden-Württemberg as a part of a law enforcement action taken against Vanir Ransomware Group “
Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for
Russian and Moldovan companies targeted by XDSpy phishing campaign, deploying DSDownloader malware, amid escalating cyber conflicts.
Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments.
The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world since its inception, including networks that support U.S. critical infrastructure.
What defines success for ransomware actors during an attack? Breaching a victim’s network, exfiltrating valuable data, and encrypting systems are crucial components. However, the ultimate measurement of success is the actor’s ability to extort a ransom payment, which determines if they achieve their financial goals. Navigating the ransom negotiation phase, whether conducted by the victims themselves or designated recovery firms, demands a high level of expertise and a deep understanding of the attackers involved. This includes studying of the threat actor’s profile, tactics, and evolving strategies. In this complex landscape, there is no one-size-fits-all playbook for successfully managing the negotiation phase, as each ransomware group exhibits distinct behaviors and adopts new tactics shaped by many factors.
The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over 4M individuals.
Clop, a Russian-speaking hacking group specialising in ransomware, has its own website. Yes, this is a thing — criminals openly encouraging their victims to negotiate a ransom for the return of their data as though it were a legitimate commercial deal.
Uptycs threat research team discovered a new ransomware Linux binary attributed to the RTM group Locker, a known Ransomware-as-a-Service (RaaS) provider.
The group is blackmailing Ring on its site: "There's always an option to let us leak your data," they posted.
