WhatsApp, a chat app owned by Facebook, is walking its privacy talk. The company has announced that it is suing NSO, a Israeli company that is reportedly behind the technology that allowed sophisticated hackers or government officials to gain access to a WhatsApp user's phone simply by making a video call. The report of this hack surfaced earlier this year and it was revealed that even if the users did not pick up the WhatsApp video call, the hackers could infect the targeted phone to gain almost complete access to it.
WhatsApp had updated the app at that time and launched a probe into how the hack worked and how many users were affected. The company now says that its investigation is complete and it is suing NSO because it believes that not only the Israel-based company created the technology that can hack into the phones of WhatsApp users but also provided necessary tools to do so during actual hacking.
"In May 2019 we stopped a highly sophisticated cyber attack that exploited our video calling system in order to send malware to the mobile devices of a number of WhatsApp users," the company wrote on its official website. "WhatsApp has filed a complaint in US court that attributes the attack to a spyware company called NSO Group and its parent company Q Cyber Technologies. We are seeking a permanent injunction banning NSO from using our service."
WhatsApp says that over 1400 users, many of them high-profile journalists and rights workers -- were targeted using this hack.
When the news about the hack came earlier in summer, NSO, which allegedly supplies told and technologies to governments across the world, claimed that it only worked with governments -- and hence legitimate customers -- and that it did not condone misuse of its technology.
However, writing in Washington Post WhatsApp boss Will Cathcart said that NSO was actively involved in hacks.
"As we gathered the information that we lay out in our complaint, we learned that the attackers used servers and Internet-hosting services that were previously associated with NSO. In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful," wrote Cathcart.
While a lawsuit may not result in any significant change in the way shadowy world of hackers, government operatives and tech companies work to target select high-profile users, it is sure to start a debate on where to draw the line and whether technology companies like NSO -- or for that matter the companies that make internet blocking systems -- should work with the governments even when they know that their technologies can be misused. The debate is also likely to help WhatsApp at a time when its parent company Facebook is under fire over privacy concerns.
As far as India is concerned, it is not clear how many WhatsApp users were targeted using NSO technologies. "Working with research experts at the Citizen Lab, we believe this attack targeted at least 100 members of civil society, which is an unmistakable pattern of abuse," notes WhatsApp. Citizen Lab has highlighted that in India and Southeast Asia some WhatsApp users were targeted by hackers that were part of a project called Ganges.
"We identified five operators that we believe are focusing on Asia. One operator, GANGES, used a politically themed domain sign petition[.]co," noted Citizen Lab.
No comments