Image credit: Omar Marques/SOPA Images/LightRocket via Getty Images

WhatsApp call exploit let attackers slip spyware on to phones

A human rights lawyer was among the targets.

WhatsApp appears to have been the inadvertent conduit for a surveillance campaign. Both WhatsApp and Israeli software developer NSO Group have confirmed that an exploit in WhatsApp's voice calling allowed attackers to load NSO's Pegasus spyware on to Android and iOS devices. The tool could infect a device even if a user didn't answer, and the malicious calls would frequently disappear from logs. Pegasus can use the camera and mic in addition to scooping up location and message info.

While the perpetrators haven't been identified, there are suspicions that it may be a Middle Eastern country trying to clamp down on criticism of its human rights practices. There was a failed attempt on May 12th to compromise the phone of a UK-based human rights lawyer who helped a Saudi dissident in Canada and helped sue NSO for allegedly sharing in the liability of actions perpetrated by its customers. NSO pitches its software to Middle Eastern intelligence agencies, and rights activists in the region have previously received text messages attempting to install Pegasus on their devices.

WhatsApp has alerted human rights groups and the US Justice Department. It also said the effort had "all the hallmarks" of a private company that works with governments to push spyware. NSO, however, rejected the notion that it was involved. "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology," the company said. It further claimed it screened customers and investigated abuse, including the attack on the UK lawyer.

The flaw should be fixed as you read this. WhatsApp delivered a server-side fix on May 10th, and released patched versions of its apps on May 13th. However, that doesn't address accusations that companies like NSO, Hacking Team and others have knowingly sold spyware to countries with histories of cracking down on dissidents. There are efforts to curtail these relationships, such as an imminent challenge to NSO Group's export abilities on May 15th. Unless those efforts are successful, though, it may be difficult to prevent spyware campaigns like this.
