Facebook filed additional court documents on 23 April related to its lawsuit against Israel's NSO IT company, claiming that NSO, using spy software under the name Pegasus, conducted hundreds of attacks aimed at WhatsApp users that were linked to one IP-address.
Claudiu Gheorghe, a software engineering manager for WhatsApp, said in a court statement that he had "reviewed the malicious code sent during the attack described in the Complaint" and found out that the IP-address was included in the code.
"I have reviewed the malicious code sent during the attack described in the Complaint. That malicious code was designed to cause a WhatsApp user's mobile device to connect to a remote server not associated with WhatsApp. The IP address of the remote server was included in the malicious code. In 720 instances of the attack, the remote server's IP address was 104.223.76.220. In 3 instances of the attack, the remote server's IP address was 54.93.81.200", Gheorghe's statement read.
The details come following Facebook's October 2019 lawsuit against NSO, in which the social media giant accused NSO of using malware to hack into more than 1,400 devices, that, according to Facebook, belonged to attorneys, journalists, human-rights activists and senior foreign government officials.
NSO vigorously denied the accusations, claiming in a counter-motion that their proprietary Pegasus technology is only aimed at "enabling sovereign governments to investigate and combat terrorism, child exploitation and other heinous crimes".