It is estimated that the target of this breach is high-profile government and military officials, many of them serving in governments, which are U.S. allies. In May, WhatsApp detected that Israeli hacking tool developer NSO Group exploited a “buffer overflow vulnerability in WhatsApp VOIP stack” to send its Pegasus malware to the target devices, even without the users answering the calls they received.
Spyware firm sold high profile user data
Israeli spyware firm NSO faced a lawsuit about hacking and sold WhatsApp data of some high profile users. They exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users between April 29, 2019 and May 10, 2019 by building and selling a hacking platform.
According to WhatsApp head Will Cathcart, the company accused NSO Group because attackers used servers and Internet-web hosting services that were previously associated with NSO. Although this is just an allegation, NSO defended itself as saying that they sell its spyware exclusively to government customers.