MeitY has asked WhatsApp for details about the recent spyware hack that allowed attackers to compromise users’ devices via WhatsApp calls, and the steps it is taking to address the situation, the Economic Times reports. The ministry has also asked the messaging service whether users in India were compromised and if so, how many. Once it gets these details, the ministry will decide whether or not to issue an advisory to its officials using the app. According to reports, the spyware was developed by NSO Group, an Israeli technology firm focused on cyber intelligence. It could be installed on a target’s phone through a WhatsApp call, without needing the receiver to answer it. Once installed, the spyware could turn on a phone’s camera and mic, scan emails and messages, and collect location data. WhatsApp urged its 1.5 billion global users to update the app immediately to close the security hole.
Amnesty wants NSO Group’s export license revoked
On Thursday, Amnesty International asked Israel’s government to ensure that NSO Group be held accountable for the way its software is used, per EuroNews. Amnesty had filed a petition in Israel seeking the revocation of the company’s export licence and told Reuters that it was the government’s responsibility to take a firmer stance against export licenses that “resulted in human rights abuses”. Following this, NSO Group’s owner said the company would do whatever was necessary to ensure that its spyware does not undermine human rights, per Reuters. Without mentioning specific attacks, the NSO said in a statement that it would investigate any “credible allegations of misuse” of its technology, which it claimed was used only by intelligence and law enforcement agencies.
The WhatsApp spyware was discovered when it was used – unsuccessfully – to target a London lawyer involved in lawsuits that accuse NSO Group of providing tools to hack the phones of a Saudi dissident in Canada, a Qatari citizen, and a group of Mexican journalists and activists. The researchers said the list of targets could be much longer. Citizen Lab had observed the attack on the lawyer’s phone, having suspected that the person would be targeted. Citizen Lab has been investigating the NSO Group and the use of its Pegasus software by governments to target dissidents and journalists.
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ
— Citizen Lab (@citizenlab) May 13, 2019
A WhatsApp spokesperson had earlier told MediaNama that it was difficult for them to provide a specific number for how many people were affected by the exploit, saying, “This is the kind of advanced exploit that would be highly selective in nature and would be available to only advanced and highly motivated actors”, and “We believe a select number of users were targeted through this vulnerability by an advanced cyber actor.”
