WhatsApp Sues Israeli NSO Group for Allegedly Helping Spies Hack Phones World Wide

WhatsApp Sues Israeli NSO Group for Allegedly Helping Spies Hack Phones World Wide

October 29, 2019 – On Tuesday WhatsApp sued the Israeli surveillance firm NSO Group for allegedly assisting government spies breaking into the phones of roughly 1,400 users. The implications for freedom of the press, freedom of association and general privacy concerns couldn’t be more dire. According to a report by Newsmax:

In a lawsuit filed in federal court in San Francisco, messaging service WhatsApp, which is owned by Facebook Inc , accused NSO of facilitating government hacking sprees in 20 countries. Mexico, the United Arab Emirates and Bahrain were the only countries identified.

WhatsApp said in a statement that 100 civil society members had been targeted, and called it “an unmistakable pattern of abuse.”

NSO denied the allegations. – Newsmax

The allegations are that the NSO Group facilitated a government hacking spree, whose targets included diplomats, political dissidents, journalists, and senior government officials. The report continues:

WhatsApp said the attack exploited its video calling system in order to send malware to the mobile devices of a number of users. The malware would allow NSO’s clients – said to be governments and intelligence organizations – to secretly spy on a phone’s owner, opening their digital lives up to official scrutiny.

WhatsApp is used by some 1.5 billion people monthly and has often touted a high level of security, including end-to-end encrypted messages that cannot be deciphered by WhatsApp or other third parties.

Citizen Lab, a cybersecurity research laboratory based at the University of Toronto that worked with WhatsApp to investigate the phone hacking, told Reuters that the targets included well-known television personalities, prominent women who had been subjected to online hate campaigns and people who had faced ‘assassination attempts and threats of violence.’ 

Governments have increasingly turned to sophisticated hacking software as officials seek to push their surveillance power into the furthest corners of their citizens’ digital lives.

Companies like NSO say their technology enables officials to circumvent the encryption that increasingly protects the data held on phones and other devices. But governments only rarely talk about their capabilities publicly, meaning that the digital intrusions like the ones that affected WhatsApp typically happen in the shadows. – Newsmax

The implications for journalists and potential whistleblowers are especially troubling, given the deliberate destruction of Wikileaks and the coordinated de-platforming of 8chan. According to Reuters:

The lawsuit seeks to have NSO barred from accessing or attempting to access WhatsApp and Facebook’s services and seeks unspecified damages.

NSO’s phone hacking software has already been implicated in a series of human rights abuses across Latin America and the Middle East, including a sprawling espionage scandal in Panama and an attempt to spy on an employee of the London-based rights group Amnesty International.

NSO came under particularly harsh scrutiny over the allegation that its spyware played a role in the death of Washington Post journalist Jamal Khashoggi, who was murdered at the Saudi Consulate in Istanbul a little over a year ago.

Khashoggi’s friend Omar Abdulaziz is one of seven activists and journalists who have taken the spyware firm to court in Israel and Cyprus over allegations that their phones were compromised using NSO technology. Amnesty has also filed a lawsuit, demanding that the Israeli Ministry of Defense revoke NSO’s export license to ‘stop it profiting from state-sponsored repression.’

NSO has also brought on a series of high-profile advisers, including former Pennsylvania Governor Tom Ridge and Juliette Kayyem, a senior lecturer in international security at Harvard University. Last month, NSO announced it would begin abiding by U.N. guidelines on human rights abuses. – Reuters

NSO Group is accused of helping oppressive and authoritarian regimes crackdown on political dissidents, journalists, and human rights activists. Avi Asher-Schapiro does a good breakdown in this twitter thread:

Avi detailed some of the methods that were being used for the Columbia Journalism Review in an October 2018 article entitled ‘Spyware Hijacks Smartphones, Threatens Journalists Around The World‘ he explains the grave implications:

His suspicions were all but confirmed a year later when leaked government documents revealed a $32 million contract between the Mexican Attorney General’s office and a local intermediary for the NSO Group, the Israeli company that sells Pegasus to law enforcement agencies.

The attack against Barragán isn’t an isolated incident. Earlier this month, Citizen Lab published a report that found traces of Pegasus in over 45 countries, including a number of places where the government is known to aggressively prosecute reporters, such as Turkey and Kazakhstan. The threat this poses to journalists can’t be overstated: A Pegasus operator can quietly transform a cellphone into a surveillance hub, tracking the reporters movements, identify sources, even potentially impersonate that journalist in the digital world. Given the global nature of the threat, this past week, the Committee to Protect Journalists issued a security advisory, its first ever on Pegasus, to alert journalists everywhere that they could be targeted a manner similar to Barragán. – Columbia Journalism Review

Avi had been tracking and investigating reports of hacking by alleged government-backed state actors of journalists around the world. Most of the targets are without the kinds of resources or corporate backing that could help them defend against such an attack. His twitter thread continues:

It’s disappointing that, rather than avoid working with oppressive regimes that punish dissidents, the NSO group decided to hire a team of “advisors” and go on a public relations blitz.

I don’t think hiring a former Obama administration official is a good way to show that the company is serious about the concerns for human rights. The Obama administration was notorious for its expansion of the wars in the Middle East, secret kill lists, gun-running scandals, spying on the Senate Select Committee on Intelligence and AP Reporters.

They were apparently working with Amazon to deploy their malware:

The lawsuit makes many allegations. Assassination attempts, harassment, and surveillance are among the many. These corroborate accounts by journalists and human rights groups who have been monitoring the situation for some time.

You can read the complaint here.

Q Cyber Technologies? We will continue to cover this. Please check back for updates.

See a spelling or grammar error? Let us know! Highlight the text and press Ctrl+Enter.

Notify of
Inline Feedbacks
View all comments