US allies targeted by WhatsApp video hack

Victims include high profile government and military officials spread across 20 countries, report

WhatsApp, Web app, Messaging

Senior government and military officials in US-allied countries were the target of a WhatsApp video hack earlier this year, it has emerged.

The hack allegedly enabled attackers to take over a users smartphone through the Facebook-owned messenger app simply by ringing the target's device, according to Reuters.

On Tuesday, Facebook launched legal action against an Israeli-based spyware firm NSO Group also known as Q Cyber Technologies which is part-owned by Novalpina Capital, a European private equity firm.

The social network accused it of providing tools to government agencies to target individuals through WhatsApp video calling.

Advertisement
Advertisement - Article continues below

It's alleged that the group developed Pegasus, a tool that exploited a vulnerability in the messaging app to track users. WhatsApp fixed this issue in May and began an investigation with the University of Toronto's Citizen's Lab.

"As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses," the Lab said in a blog post.

NSO Group has said it sells spyware exclusively to government customers, however, in a statement to Reuters it said it was "not able to disclose who is or is not a client or discuss specific uses of its technology". Initially, the firm had denied any wrongdoing, saying that its products are for governments to catch terrorists.

However, it has been used to target high profile government and military officials, spread across 20 countries on five continents, according to Reuters, which cites sources familiar with WhatsApp's internal investigation. What's more, these sources said many of these nations are US allies.

WhatsApp claimed that approximately 1,400 individuals were effected by attacks launched between April and May, but these were initially thought to be just journalists and human rights activists.

30/10/2019: WhatsApp sues NSO Group for Pegasus spyware attack

Facebook has launched legal action against an Israeli spyware firm after accusing the company of providing the tools for government agencies to target individuals through WhatsApp video calling.

Pegasus, allegedly developed by NSO Group, was used between April May to attack a litany of users by exploiting a WhatsApp vulnerability in order to track their communications and even their location. WhatsApp, which is owned by Facebook, claims approximately 1,400 individuals were impacted by the attack, including a raft of journalists and human rights activists, according to court filings.

NSO Group is known for developing spyware technology for national governments and public sector agencies. WhatsApp, with the help of CitizenLab, claims NSO Group and similar companies do not have strict enough controls in place to ensure their products aren't complicit in cyber attacks.

"Some of your most personal moments are shared on WhatsApp, which is why we provide end-to-end encryption for all messages and calls by default," WhatsApp said in a blog post.

Advertisement
Advertisement - Article continues below

"This attack was developed to access messages after they were decrypted on an infected device, abusing in-app vulnerabilities and the operating systems that power our mobile phones."

CitizenLab claims the sophisticated Pegasus attack involved malware being installed on users phones through a number of tactics, ranging from zero-day exploits to deception. Once installed, it contacted the operator's command and control (C&C) servers to retrieve commands, and exfiltrate users' personal data.

WhatsApp claims that clients of NSO, which vary from government agencies and secret services to private companies, could at this stage retrieve any personal data harvested from targeted users.

The lawsuit claims NSO Group violated several federal acts that prohibit computer misuse, as well as violating WhatsApp's property. Facebook is seeking "reasonable damages" as a result of the claim.

"In the strongest possible terms, we dispute today's allegations and will vigorously fight them," a spokesperson from NSO said.

"The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime. Our technology is not designed or licensed for use against human rights activists and journalists."

"The truth is that strongly encrypted platforms are often used by paedophile rings, drug kingpins and terrorists to shield their criminal activity.

"Without sophisticated technologies, the law enforcement agencies meant to keep us all safe face insurmountable hurdles. NSO's technologies provide proportionate, lawful solutions to this issue."

The company's firm stance against encryption chimes with that persistently expressed by several national governments, including the UK government.

Security agencies have long-railed against end-to-end encryption, used in WhatsApp and other platforms, as it prevents agents from accessing the private communications data of those suspected of crimes.

Advertisement
Advertisement - Article continues below

The Australian government even passed a controversial law against encryption in 2018, which would allow law enforcement to compel tech and telecoms firms to break their own encryption.

The long-standing request for social media firms to insert backdoors into their products, however, has been roundly rejected by developers due to risks that it would also allow cyber criminals to exploit them.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/28170/what-is-cyber-warfare
Security

What is cyber warfare?

20 Sep 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019