This is not the first time the Israeli software NSO Group has been involved in cases of hacking lawyers, journalists and human right defenders.
Facebook-owned messaging platform WhatsApp reported Tuesday that the security breach on its messaging app likely came from a government using surveillance technology in order to target human rights groups.
“We’re working with human rights groups on learning as much as we can about who may have been impacted in their community. That’s really where our highest concern is,” WhatsApp spokesman said, whose app is used worldwide by over 1.5 billion users.
The story of the latest breach of security was revealed by the Financial Times Monday. In its report, the news outlet identified that the Pegasus spyware was developed by Israeli cyber surveillance company NSO Group and affected both Android and iPhones. According to WhatsApp, the malware was able to penetrate devices via missed calls through the app’s voice calling function.
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the instant message company explained.
In an official statement, NSO did not deny allegations, just added that its technology is licensed to authorized government agencies “for the sole purpose of fighting crime and terror.”
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ— Citizen Lab (@citizenlab) May 13, 2019
This is not the first time the Israeli software company has been involved in cases of hacking lawyers, journalists and human right defenders. Most notably, NSO was accused of having extracted more than 400 Whatsapp messages exchanged by murdered journalist Jamal Khashoggi and Montreal-based Omar Abdulaziz, which revealed they were working to build an online “youth movement” to function as a watchdog of the Saudi state.
In a similar fashion in 2017, a team from Citizen Lab, commissioned by the Inter-American Human Rights Commission to investigate claims of privacy violations, confirmed that members of the International Group of Independent Experts in Mexico had been hacked by the Israeli software Pegasus bought by former president Enrique Peña Nieto's government.
After Monday's denouncement of the privacy breach, Facebook’s WhatsApp urged users Tuesday to upgrade to the latest version of its app reminding people “as well to keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”
WhatsApp parent company, Facebook, is facing many security and privacy scandals, having been accused of inappropriately sharing around 87 million users' information with the U.K. political consulting firm Cambridge Analytica.