Hackers were discovered to have installed surveillance malware on multiple devices, taking advantage of vulnerability in the application. WhatsApp released a fix on Friday, stating that the brazen attack was by a cyber-actor with powerful capabilities, which targeted a number of users.
NSO, an Israeli security firm, is responsible for this attack, which was discovered in early May. A target’s device was rung up making use of the inbuilt calling function in WhatsApp. This would install the software, with the logs being deleted once installation was complete.US DoJ, security vendors and human rights organizations were among the first who were informed by WhatsApp.
The company stated that the attack looked like the handiwork of a security company, engaged in spyware development for governments. An advisory was also published, stating that buffer overflow weaknesses in its VOIP stack were exploited for the attack.NSO Group has often been called a cyber-arms dealer, due to its history in the field.
Its Pegasus software was capable of capturing location, camera, microphone and other such sensitive data from target devices. However, it supplied software only to governments for law enforcement purposes, fighting against terror and crime. Any misuse of the platform would result in a shutdown, revealed the company.
NSO does not use the software for its own purposes. It merely develops and delivers software for government agencies.
WhatsApp estimated the number of affected users at 1.5 billion. Amnesty International, known to be attacked by NSO during recent years stated that these kinds of tools were capable of infecting private devices without any action from users. They called for accountability measures against the company and transparency orders. Such software was heavily used by dictatorial regimes to track journalists and activists. Tuesday will see a court in Tel Aviv judge a petition by Amnesty, to revoke NSO’s license.