A WhatsApp spyware attack that targeted human rights activists has clear links to a company known to help governments snoop, the messaging app firm said in a statement. Israeli firm NSO is accused of being behind the exploit.
Several human rights lawyers and campaigners were targeted by the spyware, known as Pegasus. Attackers installed Pegasus on target users’ phones through WhatsApp’s call function, according to the company. Incredibly, users did not even have to answer the call to become infected. Once installed, the malicious program can turn on a target’s microphone and camera at will, peruse emails and texts, and track the user’s location – all without the target’s knowledge.
Coincidentally, one UK-based attorney targeted by the spyware is currently involved in a lawsuit against NSO Group – the Israeli company which developed the software.
The Israeli firm claims that the technology is only used by law enforcement and intelligence agencies, and that it would not use its own technology to target individuals.
WhatsApp, however, said that the targeted attack pointed to a private firm that matches NSO’s description.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the company said in a statement.
“We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society.”
WhatsApp claims it has worked “around the clock” to develop a patch to protect users from the exploit, finally releasing the fix on Monday.
Human rights group Amnesty International has launched legal action to stop NSO Group from selling its spyware, claiming that Pegasus has been “linked to attacks on activists and journalists in Saudi Arabia, Mexico and the United Arab Emirates.”
(Source: Russia Today)