the fact that WhatsApp is not as safe as it may seem to some, has been known for some time. Especially since (and here new for those who did not know yet) WhatsApp was bought in 2014 by Facebook. Recently, this problem has affected 1,400 users.
How did this happen?
In short, the Israeli company operating under the name NSO Group is the author of spyware called Pegasus. This software allows surveillance of people using smartphones with 0day exploits. 0day are bugs that have not been made public (so there are no patches for them) and their author is not going to share them, but wants to sell them and / or use them for his own purposes.
Let’s stop here for a moment to familiarize you with what Pegasus can do.
Fig. 1 Pegasus software capabilities
As you can see, it’s quicker to ask what Pegasus can’t do. This is very advanced surveillance software.
Who are the clients of NSO Group?
The majority of NSO Group clients are the governments of different countries. Among them is also our country, which paid 33 million zlotys for this system (read: Money from the fund to support victims of criminals went to the surveillance system).
Returning to the merits - what happened?
Not so long ago, Facebook has sued the NSO Group for improper use of Pegasus software. NSO Group says their surveillance software is designed to prosecute dangerous criminals and terrorists. Facebook, on the other hand, provides strong evidence that Pegasus has attacked 1,400 WhatsApp users who were not criminals, but journalists, diplomats and human rights defenders from over 20 countries.
Facebook calls this an explicit violation of human rights and not accidental, uncontrolled action. NSO Group obviously denies everything and defends itself over and over with populist style arguments
for millions of years our software has been used to actively catch criminals
The company does not provide any specific arguments in its favor.
What countries are the victims from?
The lawsuit does not specify specific countries, however, after prefixes of telephone numbers it can be determined that they are min. Mexico, United Arab Emirates and Bahrain. But in total, the victims were to come from four continents.
Facebook does not mention victims by name, but says about them
the targets were also well-known television personalities, prominent women who became the target of the hate campaign, and people who had experienced the assassination, threats and violence
These are very serious allegations. However, they are not groundless. Over a year ago, the NSO Group contributed to the death of Washington Post journalist Jamal Khashoggi.
How did Pegasus infect WhatsApp?
To take over WhatsApp, there was an error that occurs in this communicator during video connections. A malicious call, even if it was not answered, allowed the Trojan to be embedded in the phone, and thus – further surveillance of the device.
The error has already been patched, and according to the portal niebezpiecznik.pl, one of the employees responsible for WhatsApp security, was to receive from the NSO Group employee a message with the content
You’ve just beaten our best way to get on your mobile
Gag worthy of being embedded in a hacker movie.
A moment of reflection
Although it is not easy to hear this, government agencies have hacked, hacked and will probably continue to hack. However, it’s worth considering the materials we send online. You can’t feel 100% secure and anonymous, even behind a VPN and virtual machines.
As for the NSO Group, despite the fact that they do not lack technical talent, their reputation goes with the toilet and the use of their services becomes simply risky. Novalpina Capital, a British fund that bought the NSO Group in February 2019 for around $ 1 billion, will certainly not be happy.
I use WhatsAppa - what to do?
As I mentioned before – the hole was patched. There are certainly other ways to take control of your phone.
But if you do not do anything illegal, do not exchange inappropriate and prohibited content, then you have nothing to fear. I simply recommend due caution and common sense. You can also opt for Signal messenger, which basically encrypts everything you can, is free, fast and has a high level of security. His only downside is that he is not as popular as WhatsApp. But maybe that’s okay?