15 May 2019 — Electronic Intifada
Israel’s NSO Group exploited critical vulnerability in WhatsApp to install powerful spyware on phones.
Users of the messaging service WhatsApp are being urged to immediately update to the latest version of the app.
WhatsApp, which is owned by Facebook, released the update to fix a critical vulnerability that allowed Israeli spyware to be installed on a user’s smartphone simply by ringing it up.
“The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs,” according to the Financial Times.
The newspaper reported that a UK-based human rights lawyer’s phone was targeted using the vulnerability on Sunday, even as WhatsApp engineers raced to close it.
John Scott-Railton, a researcher at the University of Toronto’s Citizen Lab, told the Financial Times that attack had failed.
“We believe that the measures that WhatsApp put in place in the last several days prevented the attacks from being successful,” Scott-Railton said.
It has been long known that NSO Group made a system called Pegasus that allowed operators to install powerful spyware on a user’s phone by sending them a deceptive text message and inducing them to click on a link.
The system has been sold to governments around the world.
It installs sophisticated malware on the targeted device that can go undetected and send a frightening amount of data to those doing the spying.
This includes locations, recordings, screenshots, email and text messages, passwords and photographs.
It was reported last year that NSO Group had developed an even more invasive system that allows spies to take control of a phone without the targeted user having to click on a link.
NSO Group demonstrated the system to Saudi officials, who expressed an interest in buying it.
According to Amnesty International, NSO Group spyware has been used to target at least 24 human rights defenders, journalists and lawmakers in Mexico; Saudi activists Omar Abdulaziz, Yahya Assiri and Ghanem al-Masarir; award-winning Emirati human rights campaigner and political prisoner Ahmed Mansoor; and, allegedly, Jamal Khashoggi, the Saudi journalist murdered and dismembered in his country’s Istanbul consulate last year.
The United Arab Emirates even used NSO Group technology in attempts to spy on Qatar’s Emir Tamim bin Hamad Al Thani, Lebanese Prime Minister Saad Hariri and a Saudi prince.
“NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics,” said Danna Ingleton, a tech specialist for the human rights group who is providing supporting testimony in the case.
“It’s time to stop the use of NSO Group’s tools to infiltrate, intimidate and silence civil society,” Ingleton added.
The case is being brought jointly with New York University School of Law’s Bernstein Institute for Human Rights and Global Justice Clinic.
In one of the latest instances uncovered in March by the University of Toronto’s Citizen Lab, Griselda Triana, a journalist and the wife of slain journalist Javier Valdez, was targeted in Mexico with NSO Group’s Pegasus spyware following his assassination.
The Citizen Lab has played a critical role in tracking how NSO Group’s spyware has been used against journalists and human rights defenders around the world.
In January, the organization revealed that two of its researchers had been approached by suspicious individuals in what it believed was “an attempt to compromise our work” on monitoring the use of NSO Group’s spyware.
Mexican and Saudi citizens targeted with NSO Group spyware are also suing the company, and their lawyers, in turn, “have been approached by people pretending to be potential clients or donors, who then try to obtain information about the ongoing lawsuits,” according to the Financial Times.
“It’s upsetting but not surprising that my team has been targeted with the very technology that we are raising concerns about in our lawsuits,” Alaa Mahajne, a Jerusalem lawyer representing the Mexican and Saudi citizens, said.
The Israeli defense ministry “has ignored mounting evidence linking NSO Group to attacks on human rights defenders, which is why we are supporting this case,” Amnesty’s Danna Ingleton said, explaining the logic of her organization’s lawsuit.
“As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International’s staff and that of other activists, journalists and dissidents around the world is at risk.”
While that may be true, and legal action may be justified, expecting Israel’s defense ministry to protect human rights is like putting the proverbial fox in charge of the hen house.