For anyone concerned they were one of the 1,400, WhatsApp has contacted those it knows were affected and provided a breakdown of how the hacks happened. Affected users should, therefore, know whether or not they were targeted.
NSO Group provides its sophisticated spyware to government agencies. In this spate of attacks at least 100 targets were “attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials.” Unless you’re someone who has information of interest to a national police or intelligence agency, it’s unlikely you were hit.
But given that NSO’s tools have allegedly targeted people in all manner of professions, not insignificant segments of the world’s populace could rightly be concerned.
According to the WhatsApp suit, the attack started in April and carried on through to early May. NSO, which also goes under the name Q Cyber Technologies, was accused of abusing WhatsApp “Signaling Servers”—computers used to set up calls and connect users. The spyware company created call initiation messages that contained malicious code. These would appear to the user to be a legitimate call, but in the background, the rogue code was being installed in the memory of the target phone, even if the call wasn't answered.
The code would then contact NSO servers, which would send malware to the target device. That spyware would then be able to snoop not just on WhatsApp messages on targets’ devices but also most other communications and data within.