Hackers were able to install surveillance software to spy on human rights campaigners using a vulnerability in the Facebook-owned messaging app WhatsApp, the company has admitted.
WhatsApp, which has 1.5 billion users worldwide, found out in early May that cyber attackers had managed to remotely install the software on iPhones and Android phones by using the app’s call function to ring up targets, according to a report in the Financial Times.
The spyware, which the Financial Times claimed was developed by Israeli tech firm NSO Group, could reportedly be transmitted even if the calls were not answered by WhatsApp users – and these calls frequently disappeared from call logs.
After installing the spyware, hackers were able to use the target’s camera and microphone, as well as accessing messages, emails and location data.
Human rights organisations have expressed concern over the surveillance software. The University of Toronto’s Citizen Lab, which researches the impact of cyber surveillance on human rights, said that it believes hackers attempted to target a human rights lawyer on Sunday (May 12).
“WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer,” the Citizen Lab said on Twitter.
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ
— Citizen Lab (@citizenlab) May 13, 2019
Amnesty International Among Those Groups Targeted
Amnesty International, meanwhile, has said it is supporting legal action to take the Israeli Ministry of Defence (MoD) to court to demand that it strips the NSO Group, which has denied the accusations, of its export license.
In a petition to be filed today (May 14) at the District Court of Tel Aviv, approximately 30 members and supporters of Amnesty International Israel and others from the human rights community set out how the MoD has put human rights at risk by allowing NSO to continue exporting its products.
The human rights organisation said that an Amnesty staff member was targeted in August 2018 by a “particularly invasive” NSO Group software called Pegasus, which has been linked to attacks on activists and journalists in Mexico, Saudi Arabia and the United Arab Emirates.
“NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics. The attack on Amnesty International was the final straw,” said Danna Ingleton, deputy director of Amnesty Tech, who has provided supporting testimony.
He added: “The Israeli MoD has ignored mounting evidence linking the NSO Group to attacks on human rights defenders, which is why we are supporting this case.
“As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International’s staff and that of other activists, journalists and dissidents around the world is at risk.”
NSO Group Denies WhatsApp Hacking Claims
Image credit: Marina Stroganova/Flickr
WhatsApp, which is owned by Facebook, has confirmed the cyber attack and urged its users to update their apps as a precautionary measure.
In a statement sent to RightsInfo, a WhatsApp spokesperson said: “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.
“We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users.”
The company said that an “advanced cyber actor” carried out the attack, which targeted a “select number of users.”
NSO Group has denied claims that it developed the surveillance software. “Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” the group told the Financial Times.
“NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual [the UK lawyer].”
Citizen Lab, Amnesty International, and NSO Group have been contacted for comment.