US allies targeted by WhatsApp video hack

Victims include high profile government and military officials spread across 20 countries, report

WhatsApp, Web app, Messaging

Senior government and military officials in US-allied countries were the target of a WhatsApp video hack earlier this year, it has emerged.

The hack allegedly enabled attackers to take over a users smartphone through the Facebook-owned messenger app simply by ringing the target's device, according to Reuters.

On Tuesday, Facebook launched legal action against an Israeli-based spyware firm NSO Group also known as Q Cyber Technologies which is part-owned by Novalpina Capital, a European private equity firm.

The social network accused it of providing tools to government agencies to target individuals through WhatsApp video calling.

It's alleged that the group developed Pegasus, a tool that exploited a vulnerability in the messaging app to track users. WhatsApp fixed this issue in May and began an investigation with the University of Toronto's Citizen's Lab.

"As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses," the Lab said in a blog post.

NSO Group has said it sells spyware exclusively to government customers, however, in a statement to Reuters it said it was "not able to disclose who is or is not a client or discuss specific uses of its technology". Initially, the firm had denied any wrongdoing, saying that its products are for governments to catch terrorists.

However, it has been used to target high profile government and military officials, spread across 20 countries on five continents, according to Reuters, which cites sources familiar with WhatsApp's internal investigation. What's more, these sources said many of these nations are US allies.

WhatsApp claimed that approximately 1,400 individuals were effected by attacks launched between April and May, but these were initially thought to be just journalists and human rights activists.

30/10/2019: WhatsApp sues NSO Group for Pegasus spyware attack

Facebook has launched legal action against an Israeli spyware firm after accusing the company of providing the tools for government agencies to target individuals through WhatsApp video calling.

Pegasus, allegedly developed by NSO Group, was used between April May to attack a litany of users by exploiting a WhatsApp vulnerability in order to track their communications and even their location. WhatsApp, which is owned by Facebook, claims approximately 1,400 individuals were impacted by the attack, including a raft of journalists and human rights activists, according to court filings.

NSO Group is known for developing spyware technology for national governments and public sector agencies. WhatsApp, with the help of CitizenLab, claims NSO Group and similar companies do not have strict enough controls in place to ensure their products aren't complicit in cyber attacks.

"Some of your most personal moments are shared on WhatsApp, which is why we provide end-to-end encryption for all messages and calls by default," WhatsApp said in a blog post.

"This attack was developed to access messages after they were decrypted on an infected device, abusing in-app vulnerabilities and the operating systems that power our mobile phones."

CitizenLab claims the sophisticated Pegasus attack involved malware being installed on users phones through a number of tactics, ranging from zero-day exploits to deception. Once installed, it contacted the operator's command and control (C&C) servers to retrieve commands, and exfiltrate users' personal data.

WhatsApp claims that clients of NSO, which vary from government agencies and secret services to private companies, could at this stage retrieve any personal data harvested from targeted users.

The lawsuit claims NSO Group violated several federal acts that prohibit computer misuse, as well as violating WhatsApp's property. Facebook is seeking "reasonable damages" as a result of the claim.

"In the strongest possible terms, we dispute today's allegations and will vigorously fight them," a spokesperson from NSO said.

"The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime. Our technology is not designed or licensed for use against human rights activists and journalists."

"The truth is that strongly encrypted platforms are often used by paedophile rings, drug kingpins and terrorists to shield their criminal activity.

"Without sophisticated technologies, the law enforcement agencies meant to keep us all safe face insurmountable hurdles. NSO's technologies provide proportionate, lawful solutions to this issue."

The company's firm stance against encryption chimes with that persistently expressed by several national governments, including the UK government.

Security agencies have long-railed against end-to-end encryption, used in WhatsApp and other platforms, as it prevents agents from accessing the private communications data of those suspected of crimes.

The Australian government even passed a controversial law against encryption in 2018, which would allow law enforcement to compel tech and telecoms firms to break their own encryption.

The long-standing request for social media firms to insert backdoors into their products, however, has been roundly rejected by developers due to risks that it would also allow cyber criminals to exploit them.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

What is cyber warfare?
Security

What is cyber warfare?

6 Sep 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021