May 14th, 2019
The Facebook-owned company confirmed that the spyware used infected phone calls to take over the functions of operating systems and is urging users to upgrade their app to the latest version to protect themselves.
The spyware was developed by the Israeli cyber intelligence company NSO Group, the Financial Times reported. According to the newspaper, the code could be transferred to a target’s device by calling the user and infecting the call whether or not the recipient answered the call. The vulnerability was used in an attempted attack on the phone of a UK-based attorney on 12 May. The lawyer, according to the report, is involved in a lawsuit against NSO brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement. “We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society.”
WhatsApp said that the vulnerability was discovered this month and that the company quickly addressed the problem within its own infrastructure, publishing an update on Monday. It has also alerted US law enforcement to the exploit, and published a “CVE notice” to other cybersecurity experts alerting them to “common vulnerabilities and exposures”.
NSO Group has denied the allegations, telling the FT that it was investigating the WhatsApp attacks.
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” NSO Group told the FT. “NSO would not, or could not, use its technology in its own right to target any person or organization, including this individual.”
NSO is most well-known for the sale of its spyware, Pegasus, to state intelligence agencies. Once installed on a phone, the software can extract all of the data that’s already on the device (text messages, contacts, GPS location, email, browser history, etc) in addition to creating new data by using the phone’s microphone and camera to record the user’s surroundings and ambient sounds, according to a 2016 report by the New York Times. The Pegasus spyware, however, does not affect or involve WhatsApp’s encryption.
This article was posted: Tuesday, May 14, 2019 at 6:31 am