The social media platform Whatsapp has launched a lawsuit against the Israeli-based company NSO Group, accusing the firm of helping government spies hack into around 1,400 mobile phones in 20 countries and steal information.
WhatsApp, which is owned by Facebook, said in a statement that 100 civil society members had been targeted, and called it "an unmistakable pattern of abuse."
In the lawsuit, filed in federal court in California on Tuesday, the US-based tech firm claimed political dissidents, journalists, human rights activists, diplomats and senior government officials were targeted.
NSO Group has denied the allegations.
Read more: EU to punish cyberattackers with sanctions
"In the strongest possible terms, we dispute today's allegations and will vigorously fight them," NSO Group said in a statement.
"The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime.
The suit was filed after an investigation showed the Israeli firm's role in the cyberattack, despite NSO Group's denial, said Will Cathcart, WhatsApp's head.
How did the 'hacking' take place?
The complaint filed against NSO Group alleges the company "reverse-engineered the WhatsApp app" and developed a program that enabled them to emulate a legitimate WhatsApp network traffic to transmit malware that would take over the mobile devices. The malware would allow, according to Whatsapp, NSO Group and its clients — which includes governments — to spy on the phone's owner.
Who was allegedly targeted?
Whatsapp said the targets included well-known television personalities, prominent women who had been subjected to online hate campaigns and people who had faced "assassination attempts and threats of violence," Citizen Lab, a cybersecurity research laboratory based at the University of Toronto that worked with WhatsApp on the investigation, told Reuters news agency.
WhatsApp and Citizen Lab have not identified targets by name.
Mexico, the United Arab Emirates and Bahrain have been identified as countries where victims were targeted.
Some lawyers see the move as unprecedented as most major digital service security providers do not want to shine a spotlight on digital security issues in their own software.