Authorization

WhatsApp blames and sues mobile spyware maker NSO Group over its zero-day calling exploit

WhatsApp has filed a suit in federal court accusing Israeli mobile surveillance maker NSO Group of creating an exploit that was used hundreds of times to hack into targets phone.
The lawsuit, filed in a California federal court, said the mobile surveillance outfit developed their malware in order to access messages and other communications after they were decrypted on target devices.
The attack worked by exploiting an audio-calling vulnerability in WhatsApp. Users may appear to get an ordinary call, but the malware would quietly infect the device with spyware, giving the attackers full access to the device.
In some cases it happened so quickly, the targets phone may not have rung at all.
Because WhatsApp is end-to-end encrypted, its near-impossible to access the messages as they traverse the internet. But in recent years, governments and mobile spyware companies have begun targeting the devices where the messages were sent or received. The logic goes that if you hack the device, you can obtain its data.
Thatss what WhatsApp says happened.
WhatsApp, owned by Facebook, quickly patched the vulnerability. Although blame fell fast on NSO Group, WhatsApp did not publicly accuse the company at the time until now.
In an op-ed posted shortly after the suit was filed, WhatsApp head Will Cathart said the messaging giant learned that the attackers used servers and Internet-hosting services that were previously associated with NSO Group, and that certain WhatsApp accounts used during the attacks were traced back to the company.
While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful, said Cathart.
The attack involved disguising the malicious code as call settings, allowing the surveillance outfit to deliver the code as if it came from WhatsApps signaling servers. Once the malicious calls were delivered to the targets phone, they injected the malicious code into the memory of the target device even when the target did not answer the call, the complaint read. When the code was run, it sent a request to the surveillance companys servers, and downloaded additional malware to the targets device.
In total, some 1,400 targeted devices were affected by the exploit, the lawsuit said.
Most people were unaffected by the WhatsApp exploit. But WhatsApp said that over a hundred human rights defenders, journalists and other members of civil society were targeted by the attack.
Other targets included government officials and diplomats.
Weve reached out to NSO Group for comment, but did not hear back.

WhatsApp exploit let attackers install government-grade spyware on phones
See also:
Leave a comment
News
  • Latest
  • Read
  • Commented
Calendar Content
«     2019    »
 123
45678910
11121314151617
18192021222324
252627282930