Which country was behind WhatsApp hack?

middleground

Well-known member
Joined
Nov 30, 2014
Messages
865
NSO Group, an Israeli cybersecurity and intelligence company believed to be behind WhatsApp attack. Will there be sanctions or expulsions!

https://www.rte.ie/news/world/2019/0514/1049290-whatsapp-security/

The app, which is used by 1.5 billion people around the world, discovered a vulnerability that allowed attackers to install malicious code on iPhones and Android phones by ringing up a target device.
The code could be transmitted even if users did not answer their phones and a log of the call often disappeared, the Financial Times reported.

WhatsApp, which is owned by Facebook and has its European headquarters in Dublin, said the attack bore a resemblance to spyware developed for intelligence agencies.

There are concerns that the software was used in attempts to access the phones of human rights campaigners, including a UK-based lawyer.
"We believe a select number of users were targeted through this vulnerability by an advanced cyber actor," WhatsApp told the Financial Times.
"This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.

"We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society."

The firm is said to have alerted officials at the US Department of Justice after discovering the vulnerability in early May.

WhatsApp said it released a software update yesterday.

According to the FT, the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.

The company told the paper: "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.

"NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual (the UK lawyer)."

The vulnerability and suspected attacks have been investigated by Citizen Lab, a research group at the University of Toronto.

"We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer," the lab said.

Yesterday, Amnesty International said it was backing legal action against the Israeli Ministry of Defence demanding that it revokes NSO Group's export licence.
Danna Ingleton, deputy director of Amnesty Tech, said: "NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics."


https://www.rte.ie/news/2019/0514/1049374-whatsapp-protection/

Social media platform WhatsApp has rolled out a security fix to its 1.5 billion users worldwide after concerns were raised that hackers could inject spyware on to phones via the call function.
The company, which is owned by Facebook, believes that a select number of users were targeted by an "advanced cyber actor" exploiting the app's voice calling feature.
 


roc_

Well-known member
Joined
Dec 5, 2009
Messages
6,246
They sound like a good company to work for. Interesting work I'd say.


Unfortunately no vacancies at the moment.

Was the human rights lawyer their client hacked our very own Simone O'Broin I wonder?


If so big congratulations to all concerned!
 

james toney

Well-known member
Joined
Dec 9, 2009
Messages
16,000
Jumping the gun there...or shall we say Bonesaw .....Good to work for? They wouldnt let you clean the toilets...... Now i know why they call you off his roccer.


Did NSO/Israeli information also find it's way to the head choppers terrorist friends?
 

kalipa

Well-known member
Joined
Apr 19, 2010
Messages
10,148
The users / abusers (and their fans) of this technology are obviously not into human rights.
Probably tin pot right wing extremist governments with a lot to hide
 
Last edited:

james toney

Well-known member
Joined
Dec 9, 2009
Messages
16,000
The users / abusers (and their fans) of this technology are obviously not into human rights.
They are (Allegedly)....the useless hasbara trolls have even opened threads on it..I was just reading some of their OP's from way back....or maybe it's like holocaust denial/revisionists...and anti semitism....they don't mind some of it,depending on where it comes from.
 

middleground

Well-known member
Joined
Nov 30, 2014
Messages
865
Makes me wonder whether Facebook are serious about protecting their users. I doubt the Data Protection Commissioner will make much progress with them even if it falls on Ireland to sort these problems out because Facebook is registered here. Reports of some previous breaches below:

Facebook's alleged data misuse hit the headlines (again) on Thursday as Business Insider revealed that the company had "harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts." The privacy breach came to light when a security researcher questioned why Facebook was asking for email passwords when new users signed up with the platform. "Business Insider then discovered that if you did enter your email password, a message popped up saying it was 'importing' your contacts, without asking for permission first."

In addition to the obvious data misuse implications, for a commercial platform to request a password for a separate application breaks every security protocol imaginable. Forgetting the contact details that were then harvested, such a security breach would have left the email content itself open to misuse. The irony is that this concern will be dismissed because it's Facebook with the company's unique scale and reach. And yet it's Facebook that has lost significant user trust in recent months. If the company was prepared to download contacts without permission, why would it not also metadata tag email content inside those third-party services for commercial advertising purposes?

This is the second data scandal to hit the company this week. On Tuesday, NBC reported that it had leaked documents showing that "Mark Zuckerberg leveraged Facebook user data to fight rivals and help friends." The 4,000 pages of internal documents implicated Zuckerberg as well as Facebook's board and senior management in finding "ways to tap Facebook’s trove of user data — including information about friends, relationships and photos — as leverage over companies it partnered with. In some cases, Facebook would reward favored companies by giving them access to the data of its users. In other cases, it would deny user-data access to rival companies or apps."
 

Malcolm Redfellow

Well-known member
Joined
Sep 29, 2009
Messages
4,032
Website
redfellow.blogspot.com
Twitter
mredfellow
The method of the hack (says the Financial Times) is courtesy of the NSO Group.

That should be definitive. Except NSO sells its products to 'responsible' national security agencies. And once a product is out in the wild, it can be cloned.

Were we to know the identities of WhatsApp users who have been hacked, that might help point the finger more precisely.
 

kalipa

Well-known member
Joined
Apr 19, 2010
Messages
10,148
The method of the hack (says the Financial Times) is courtesy of the NSO Group.

That should be definitive. Except NSO sells its products to 'responsible' national security agencies. And once a product is out in the wild, it can be cloned.

Were we to know the identities of WhatsApp users who have been hacked, that might help point the finger more precisely.
Why would '"responsible " agencies hack human rights lawyers or activists ?
 

middleground

Well-known member
Joined
Nov 30, 2014
Messages
865
Why would '"responsible " agencies hack human rights lawyers or activists ?
and why stop with those when the security weakness gives an opportunity to find out compromising domestic secrets on persons in useful positions. WhatsApp have downplayed the number of persons hacked but time will tell. What james toney posted about possible hacking of Jamal Khashoggi is the sinister side.
 

Orbit v2

Well-known member
Joined
Dec 8, 2010
Messages
11,679
Maybe this incident will stop whatsapp from continuing with the "end to end encryption" charade.

You always had to just trust them because "end to end" encryption is worthless unless you control the encryption keys, and also have some way of substituting the software. Neither of these conditions applied.
 

james toney

Well-known member
Joined
Dec 9, 2009
Messages
16,000
They wondered how they were caught by the israeli spyware used by the Saudi intelligence.
The story is chilling......'The fact Abdulaziz's phone contained spyware means Saudi officials would have been able to see the same 400 messages Abdulaziz exchanged with Khashoggi over the period'

'A month later, another message sent by Abdulaziz confirms the first $5,000 transfer has arrived. Khashoggi replies with a thumbs up.
But in early August, he says he received word from Saudi Arabia that government officials were aware of the pair's online project.
He passed the news to Khashoggi.
"How did they know?" asks Khashoggi in a message.
"There must have been a gap," says Abdulaziz.
Three minutes pass before Khashoggi writes back: "God help us."

The 'hack'
Abdulaziz first spoke publicly about his contact with Khashoggi last month after researchers at the University of Toronto's Citizen Lab reported his phone had been hacked by military-grade spyware.
According to Bill Marczak, a research fellow at the Citizen Lab, the software was the invention of an Israeli firm named NSO Group, and deployed at the behest of the Saudi Arabian government.

Marczak said at least two other Saudi dissidents have been targeted with NSO tools: an activist named Yahya Assiri and a staff member who had been involved in Amnesty International's work on Saudi Arabia.

 

JacquesHughes

Well-known member
Joined
Feb 16, 2013
Messages
1,129
Who knew? Mike Pompeo's failure to keep the world informed.

Mike Pompeo has been travelling the world to warn the complacent that Huawei might , in the future, use it's software to spy on us. ' How wicked of them! We must unite and prevent that dreadful outcome.'
He could have added considerably to his credibility by telling the world that 'governments' ( the only customers Israeli security firm sells to) were already hacking WhatsApp accounts of individuals.

Most recently Mike gate-crashed a European Union foreign ministers conference; 'Set an extra place for dinner- Mike's dropped in; no invite, no agenda.' It would have been a good time for him to parade his bona fides as a world-citizen who is concerned about our security. No warning about WhatsApp was given.

The man whose job it is to know ( and the Israeli firm developed the hack ( keywords 'start-up', 'military grade') using 'defence' funding, provided by America, so that the US government is, in a sense, the ultimate emptor of this hack ) didn't seem to even know...that it's secrecy was about to be blown!

It's not the only incident rocking Mike's credibility and short span of attention ( shouldn't he be seeing the Venezuela regime-change to a conclusion?): the key claim of risk from Iran has been contradicted by the most senior British officer on the ground.
read:British General Contradicts U.S. Claim of Increased Threat From Iran-Backed Militias

Yes. It's been a tough old week, but there are all those air-miles.
 

middleground

Well-known member
Joined
Nov 30, 2014
Messages
865
A small club of Five Eyes, Saudis, UAE, and Israel hating the same nations with no need for truth as they control the story. An axis of egos!

https://www.bbc.com/news/world-us-canada-48271986

There's much speculation that the Israeli government would, to build relations with their new friends in the Gulf, have allowed the NSO Group to sell their software to Gulf states.

What suggests that? Well it's perhaps not a coincidence that among those reportedly targeted by the WhatsApp hacking software were lawyers investigating human rights abuses in Gulf states, a Saudi dissident and a Qatari citizen.



The Trump administration is made up of people who hate the Iranian regime and everything it stands for.

So, this new "Axis of Egos" is all doing each other favours to position themselves collectively to fully unite against Iran.

Lots of trades are taking place. Some involve arms sales, some involve the price of oil and gas, some involve political trades like the one that some in the White House are doing for the Saudis by trying to designate the Brotherhood as a terrorist group.

In a replay of what happened before the invasion of Iraq, it appears that any strand of intelligence that can be spun into a reason to ratchet up the pressure on Iran is being used.


And the best way to gather intelligence is for all your allies to be spying on as many people in the region as you can.

One of the best ways to do that is to hack into the Trojan horse we all voluntarily carry with us, our smartphones.
 


New Threads

Popular Threads

Most Replies

Top