US allies targeted by WhatsApp video hack

Victims include high profile government and military officials spread across 20 countries, report

WhatsApp, Web app, Messaging

Senior government and military officials in US-allied countries were the target of a WhatsApp video hack earlier this year, it has emerged.

The hack allegedly enabled attackers to take over a users smartphone through the Facebook-owned messenger app simply by ringing the target's device, according to Reuters.

On Tuesday, Facebook launched legal action against an Israeli-based spyware firm NSO Group also known as Q Cyber Technologies which is part-owned by Novalpina Capital, a European private equity firm.

The social network accused it of providing tools to government agencies to target individuals through WhatsApp video calling.

Advertisement - Article continues below

It's alleged that the group developed Pegasus, a tool that exploited a vulnerability in the messaging app to track users. WhatsApp fixed this issue in May and began an investigation with the University of Toronto's Citizen's Lab.

"As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses," the Lab said in a blog post.

Advertisement - Article continues below

NSO Group has said it sells spyware exclusively to government customers, however, in a statement to Reuters it said it was "not able to disclose who is or is not a client or discuss specific uses of its technology". Initially, the firm had denied any wrongdoing, saying that its products are for governments to catch terrorists.

Advertisement - Article continues below

However, it has been used to target high profile government and military officials, spread across 20 countries on five continents, according to Reuters, which cites sources familiar with WhatsApp's internal investigation. What's more, these sources said many of these nations are US allies.

WhatsApp claimed that approximately 1,400 individuals were effected by attacks launched between April and May, but these were initially thought to be just journalists and human rights activists.

30/10/2019: WhatsApp sues NSO Group for Pegasus spyware attack

Facebook has launched legal action against an Israeli spyware firm after accusing the company of providing the tools for government agencies to target individuals through WhatsApp video calling.

Pegasus, allegedly developed by NSO Group, was used between April May to attack a litany of users by exploiting a WhatsApp vulnerability in order to track their communications and even their location. WhatsApp, which is owned by Facebook, claims approximately 1,400 individuals were impacted by the attack, including a raft of journalists and human rights activists, according to court filings.

Advertisement - Article continues below

NSO Group is known for developing spyware technology for national governments and public sector agencies. WhatsApp, with the help of CitizenLab, claims NSO Group and similar companies do not have strict enough controls in place to ensure their products aren't complicit in cyber attacks.

"Some of your most personal moments are shared on WhatsApp, which is why we provide end-to-end encryption for all messages and calls by default," WhatsApp said in a blog post.

Advertisement - Article continues below

"This attack was developed to access messages after they were decrypted on an infected device, abusing in-app vulnerabilities and the operating systems that power our mobile phones."

CitizenLab claims the sophisticated Pegasus attack involved malware being installed on users phones through a number of tactics, ranging from zero-day exploits to deception. Once installed, it contacted the operator's command and control (C&C) servers to retrieve commands, and exfiltrate users' personal data.

WhatsApp claims that clients of NSO, which vary from government agencies and secret services to private companies, could at this stage retrieve any personal data harvested from targeted users.

Advertisement - Article continues below

The lawsuit claims NSO Group violated several federal acts that prohibit computer misuse, as well as violating WhatsApp's property. Facebook is seeking "reasonable damages" as a result of the claim.

"In the strongest possible terms, we dispute today's allegations and will vigorously fight them," a spokesperson from NSO said.

"The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime. Our technology is not designed or licensed for use against human rights activists and journalists."

"The truth is that strongly encrypted platforms are often used by paedophile rings, drug kingpins and terrorists to shield their criminal activity.

"Without sophisticated technologies, the law enforcement agencies meant to keep us all safe face insurmountable hurdles. NSO's technologies provide proportionate, lawful solutions to this issue."

The company's firm stance against encryption chimes with that persistently expressed by several national governments, including the UK government.

Advertisement - Article continues below

Security agencies have long-railed against end-to-end encryption, used in WhatsApp and other platforms, as it prevents agents from accessing the private communications data of those suspected of crimes.

The Australian government even passed a controversial law against encryption in 2018, which would allow law enforcement to compel tech and telecoms firms to break their own encryption.

The long-standing request for social media firms to insert backdoors into their products, however, has been roundly rejected by developers due to risks that it would also allow cyber criminals to exploit them.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



What is cyber warfare?

16 Mar 2020

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020