Exclusive: Government officials around the globe targeted for hacking
through WhatsApp - sources
OCTOBER 31, 201
WASHINGTON (Reuters) - Senior government officials
in multiple U.S.-allied countries were targeted earlier this year with hacking
software that used Facebook Inc’s (FB.O) WhatsApp to
take over users’ phones, according to people familiar with the messaging
company’s investigation.
Sources familiar with WhatsApp’s internal
investigation into the breach said a “significant” portion of the known victims
are high-profile government and military officials spread across at least 20
countries on five continents. Many of the nations are U.S. allies, they said.
The hacking of a wider group of top government
officials’ smartphones than previously reported suggests the WhatsApp cyber
intrusion could have broad political and diplomatic consequences.
WhatsApp filed a lawsuit on Tuesday against Israeli
hacking tool developer NSO Group. The Facebook-owned software giant alleges
that NSO Group built and sold a hacking platform that exploited a flaw in
WhatsApp-owned servers to help clients hack into the cellphones of at least
1,400 users between April 29, 2019, and May 10, 2019.
The total number of WhatsApp users hacked could be
even higher. A London-based human rights lawyer, who was among the targets,
sent Reuters photographs showing attempts to break into his phone dating back
to April 1.
While it is not clear who used the software to hack
officials’ phones, NSO has said it sells its spyware exclusively to government
customers.
Some victims are in the United States, United Arab
Emirates, Bahrain, Mexico, Pakistan, and India, said people familiar with the
investigation. Reuters could not verify whether the government officials
were from those countries or elsewhere.
Some Indian nationals have gone public with
allegations they were among the targets over the past couple of days; they
include journalists, academics, lawyers and defenders of India’s Dalit
community.
NSO said in a statement that it was “not able to
disclose who is or is not a client or discuss specific uses of its technology.”
Previously it has denied any wrongdoing, saying its products are only meant to
help governments catch terrorists and criminals.
Cybersecurity researchers have cast doubt on those
claims over the years, saying NSO products were used against a wide range of
targets, including protesters in countries under authoritarian rule.
Citizen Lab, an independent watchdog group that
worked with WhatsApp to identify the hacking targets, said on Tuesday at least
100 of the victims were civil society figures such as journalists and
dissidents, not criminals.
John Scott-Railton, a senior researcher at Citizen
Lab said it was not surprising that foreign officials would be targeted as
well.
“It is an open secret that many technologies
branded for law enforcement investigations are used for state-on-state and
political espionage,” Scott-Railton said.
Prior to notifying victims, WhatsApp checked the
target list against existing law enforcement requests for information relating
to criminal investigations, such as terrorism or child exploitation cases. But
the company found no overlap, said a person familiar with the matter.
Governments can submit such requests for information to WhatsApp through an
online portal the company maintains.
WhatsApp has said it sent warning notifications to
affected users earlier this week. The company has declined to comment on the
identities of NSO Group’s clients, who ultimately chose the targets.
Reporting by
Christopher Bing and Raphael Satter; Editing by Chris Sanders, Lisa Shumaker
and Tom Brown
No hay comentarios:
Publicar un comentario