Software created by an Israeli spyware firm with links to the murder of Saudi journalist Jamal Khashoggi has been used to hack messaging app WhatsApp.
WhatsApp discovered earlier this month that potential attackers had been able to install malicious surveillance software on to both iPhones and Android phones by ringing targets using the app’s phone call function, the Financial Times (FT) reported yesterday. The FT added that the software “could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs”.
The software in question was developed by Israel’s NSO Group, famous for manufacturing the notorious “Pegasus” spyware. It is thought that NSO’s software took advantage of a loophole in WhatsApp, which the latter was still working to fix as late as this weekend. WhatsApp is now urging its 1.5 billion global users to update their app to reduce the risk of further attacks.
The company said in a statement: “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”
It is not yet clear how many mobile phones have been targeted by the attack.
The hack was discovered after a London-based lawyer – who spoke to the media on condition of anonymity – raised the alarm, believing his phone had been targeted. According to the New York Times, the lawyer said he had “grown suspicious that his phone had been hacked when he started missing WhatsApp video calls from Swedish telephone numbers at odd hours”.
He then contacted Canada-based research group Citizen Lab, which has been at the forefront of investigations into the use of NSO Group’s software for malicious purposes. The group then began to look into the incident.
MEMO was able to contact the lawyer at the heart of the affair, who described the revelations as “upsetting” but stressed that it “comes as no surprise given that now NSO’s technology is frequently used against human rights defenders, lawyers and journalists”. “This shows the importance of holding the company accountable,” he added.
The lawyer in question is currently involved in a lawsuit accusing NSO Group of providing tools to hack Omar Abdulaziz, a Canada-based Saudi dissident close to Khashoggi whose phone was tapped using Pegasus software. The petition claims: “In the months before [Khashoggi’s] killing [on 2 October 2018], the [Saudi] royal court had access to Mr. Khashoggi’s communications about opposition projects with Mr. Abdulaziz because of the spyware on Mr. Abdulaziz’s phone.”
Although NSO Group in January claimed its software was not used to spy on Khashoggi directly, the sale of its products to Saudi Arabia has been vehemently criticised. In an interview with Israeli newspaper Yedioth Ahronoth, US whistle-blower Edward Snowden argued that if the group had refused to sell its technology to Saudi Arabia, Khashoggi would still be alive.
Snowden stressed that while he does “not pretend that NSO is involved in hacking into Khashoggi’s phone […] the evidence shows that the company’s products were involved in hacking into the phones of [Khashoggi’s] friends Omar Abdulaziz, Yahya Assiri, and Ghanem Al-Masarir.”
This was not the first time Snowden accused NSO Group of contributing to Khashoggi’s murder. In November, Snowden accused NSO of “selling a digital burglary tool,” adding its products are “not just being used for catching criminals and stopping terrorist attacks, not just for saving lives, but for making money”. “Such a level of recklessness […] actually starts costing lives,” he added.
Human rights organisations have joined Snowden’s criticism of NSO Group. Yesterday, Amnesty International announced that it was supporting legal action against Israel’s Ministry of Defence (MoD), demanding that it revoke NSO’s export license.
In a petition filed today at Tel Aviv District Court, the human rights organisation argued: “The Israeli MoD has ignored mounting evidence linking NSO Group to attacks on human rights defenders […] As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International’s staff and that of other activists, journalists and dissidents around the world is at risk.”
Amnesty first appealed to Israel’s MoD to revoke NSO’s licence back in November, after one of its employees was targeted by the group’s software around the same time as Abdulaziz. These appeals were ignored by the MoD, prompting Amnesty to launch this week’s legal action in conjunction with New York University School of Law’s Bernstein Institute for Human Rights and Global Justice Clinic.