NSO Group’s lawyer Joe Akrotirianakis confirmed this, saying the “single exception” to Pegasus not being able to target +1 numbers “was a specially configured version of Pegasus to be used in demonstration to potential U.S. government customers.”
The FBI reportedly chose not to deploy Pegasus following its test.
NSO’s CEO Shohat explained that Pegasus’ user interface for its government customers does not provide an option to choose which hacking method or technique to use against the targets they are interested in, “because customers don’t care which vector they use, as long as they get the intelligence they need.”
In other words, it’s the Pegasus system in the backend that picks out which hacking technology, known as an exploit, to use each time the spyware targets an individual.
In a funny coincidence, NSO Group’s headquarters in Herzliya, a suburb of Tel Aviv in Israel, is in the same building as Apple, whose iPhone customers are also frequently targeted by NSO’s Pegasus spyware. Shohat said NSO occupies the top five floors and Apple occupies the remainder of the 14-floor building.
“We share the same elevator when we go up,” Shohat said during testimony.
The fact that NSO Group’s headquarters are openly advertised is somewhat interesting on its own. Other companies that develop spyware or zero-days like the Barcelona-based Variston, which shuttered in February, was located in a co-working space while claiming on its official website to be located somewhere else.
Following the spyware attack, WhatsApp filed its lawsuit against NSO Group in November 2019. Despite the active legal challenge, the spyware maker kept targeting the chat app’s users, according to NSO Group’s research and development vice president Tamir Gazneli.
Gazneli said that “Erised,” the codename for one of the versions of the WhatsApp zero-click vector, was in use from late-2019 up to May 2020. The other versions were called “Eden” and “Heaven,” and the three were collectively known as “Hummingbird.”
NSO Group’s CEO Yaron Shohat disclosed a small but notable detail: NSO Group and its parent company, Q Cyber, have a combined number of employees totalling between 350 and 380. Around 50 of these employees work for Q Cyber.
During the trial, Shohat answered questions about the company’s finances, some of which were disclosed in depositions ahead of the trial. These details were brought up in connection with how much in damages the spyware maker should pay to WhatsApp.
According to Shohat and documents provided by NSO Group, the spyware maker lost $9 million in 2023 and $12 million in 2024. The company also revealed it had $8.8 million in its bank account as of 2023, and $5.1 million in the bank as of 2024. Nowadays, the company burns through around $10 million each month, mostly to cover the salaries of its employees.
Also, it was revealed that Q Cyber had around $3.2 million in the bank both in 2023 and 2024.
During the trial, NSO revealed its research and development unit — responsible for finding vulnerabilities in software and figuring out how to exploit them — spent some $52 million in expenses during 2023, and $59 million in 2024. Shohat also said that NSO Group’s customers pay “somewhere in the range” between $3 million and “ten times that” for access to its Pegasus spyware.
Factoring in these numbers, the spyware maker was hoping to get away with paying little or no damages.
“To be honest, I don’t think we’re able to pay anything. We are struggling to keep our head above water,” Shohat said during his testimony. “We’re committing to my [chief financial officer] just to prioritize expenses and to make sure that we have enough money to meet our commitments, and obviously on a weekly basis.”
First published on May 10, 2025 and updated with additional details.
Source: Original Article
