WhatsApp Hack Targetted Senior Government Officials

The WhatsApp cyberattack earlier this year that infected devices with advanced surveillance tools, had a more sinister aspect to it than first thought.

According to Reuters, citing sources familiar with WhatsApp’s internal investigation into the breach, a “significant” portion of the known victims are high-profile government and military officials spread across at least 20 countries on five continents.

Many of the nations targetted are said to be US allies, prompting fears that the attack may have been carried out for a nation-state hostile to the West.

WhatsApp hack

In May 2019, WhatsApp urged all of its 1.5 billion users to update their software to fix a vulnerability that it said was being actively exploited to implant advanced surveillance tools on users’ devices.

The Facebook-owned company discovered the vulnerability earlier in May and released a fix. The Financial Times reported in May that the bug was used to implant spyware developed by NSO Group, citing an unnamed surveillance software maker as its source.

NSO Group is an Israeli firm that is in the business of developing surveillance tools that are intended for use by governments and law enforcement agencies.

Earlier this year it is alleged that when attackers rang up a target’s phone, the malicious code would automatically infect the device (even if the call was not answered), WhatsApp said in a technical document on the issue.

The attack involved a buffer overflow vulnerability in WhatsApp’s voice over internet protocol (VOIP) stack that allowed remote code execution via a series of specially crafted secure real-time control protocol (SRTCP) packets, WhatsApp said in May.

At the time, WhatsApp acknowledged that the vulnerability had been used to install spyware, without mentioning NSO by name.

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” WhatsApp said in a statement back in May.

NSO lawsuit

Earlier this week, WhatsApp felt it had enough evidence and opted to sue NSO over the matter.

In a court filing, WhatsApp said NSO Group “developed their malware in order to access messages and other communications after they were decrypted on target devices”.

It alleged that NSO Group created various WhatsApp accounts and caused the malicious code to be transmitted over the WhatsApp servers in April and May.

However NSO Group told the BBC that it would fight the allegations.

“In the strongest possible terms, we dispute today’s allegations and will vigorously fight them,” the company said in a statement to the BBC.

“The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime,” it added.

Do you know all about security? Try our quiz!

Tom Jowitt @TJowitt

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Recent Posts

Facebook Sues Firm For ‘Celeb Bait’ Adverts That Installed Malware

Social networking giant takes action against advertising fraud with a lawsuit against Hong Kong firm

10 hours ago

Google Accused By US Union Of Illegally Firing Staff

Staff issues. Communications Workers of America union files federal labour charge against Google over its firing of four members of…

11 hours ago

Tech Trends and Challenges for CIOs and CTOs in 2020

As 2020 approaches, Silicon asks CIOs and CTOs what the tech landscape will look like and, what challenges they expect…

13 hours ago

Apple iPhone Collects Location Data Even If Turned Off, Warns Krebs

Flagship iPhone 11 Pro will track a user's location, even when location settings are turned off, researcher warns. Apple promises…

13 hours ago

Wi-Fi 6 Standard Delivers 700Mbps Download, Says WBA

Need for speed? Wireless Broadband Alliance carries out challenging wireless test (across a factory floor) of the Wi-Fi 6 standard

1 day ago

AWS Boss Points To ‘Political Interference’ Over Pentagon’s JEDI Decision

Amazon cloud boss cites 'significant political interference' over Pentagon decision to award JEDI contract to Microsoft Azure

1 day ago