The FT broke the story, which is behind a paywall.
A vulnerability in the messaging app WhatsApp has allowed attackers to inject commercial Israeli spyware on to phones, the company and a spyware technology dealer said. WhatsApp, which is used by 1.5bn people worldwide, discovered in early May that attackers were able to install surveillance software on to both iPhones and Android phones by ringing up targets using the app’s phone call function. The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs, said the spyware dealer, who was recently briefed on the WhatsApp hack. [...]
NSO’s flagship product is Pegasus, a program that can turn on a phone’s microphone and camera, trawl through emails and messages and collect location data.
— www.ft.com/...
The software has been sold to several oppressive regimes, and rights groups have provided evidence that activists and journalists have been targeted.
The Electronic Frontier Foundation issued a high-priority alert:
Facebook (which owns WhatsApp) has not indicated that they know how many people have been targeted by this vulnerability, but they have attributed its use to an Israeli security company, NSO Group, which has long claimed to be able to install its software by sending a single text message. The exploit market pays top-dollar for “zero-click install” vulnerabilities in the latest versions of popular applications. It is not so remarkable that such capabilities exist, but it is remarkable that WhatsApp’s security team found and patched the vulnerability.
NSO Group is known to sell its software to governments such as Mexico and Saudi Arabia, where these capabilities have been used to spy on human rights activists, scientists, and journalists, including Jamal Khashoggi, who was allegedly tracked using NSO Group’s Pegasus spyware in the weeks leading up to his murder by agents of the Saudi government.
What can you do if you have antagonized a government known to use NSO Group’s spyware and your WhatsApp is getting strange calls and crashing? You can contact Eva Galperin at EFF’s Threat Lab at eva@eff.org.
— www.eff.org/...
The FT still has the best coverage of the story:
But two lawsuits against the company, which have been filed in Israel and Cyprus, and build on investigations by human rights groups, claim it tracked the software to the phones of journalists, dissidents and critics of governments from Mexico to Saudi Arabia, including a researcher at Amnesty International, the wife of a murdered Mexican journalist and anti-corruption activists. As the company has grown in influence, it has been tracked by researchers at the University of Toronto who have shadowed Pegasus. They believe it has been used in 45 countries including Bahrain, Morocco, Saudi Arabia and the UAE. Half the group’s revenues come from the Middle East, according to an investor at the April presentation, although the company also told the gathering that it had contracts with 21 EU countries. NSO’s technology has become a trophy weapon in the rivalries that consume the Middle East. The Israeli lawsuit says the UAE, an NSO client, asked a company representative to hack the mobile phones of Qatar’s emir, a rival Saudi prince and the editor of a dissident newspaper in London. [..]
Omar Abdulaziz, a Canada-based vocal critic of the Saudi government, and a friend of Khashoggi, alleges in one of the lawsuits in Israel that his phone was infiltrated by Pegasus, and was used to track Khashoggi’s conversations with him before his death in October.
— www.ft.com/...
— @subirgrewal