Speaking to The Guardian, WhatsApp’s chief executive, Will Cathcart, said there are “parallels” between the 2019 attacks and a recent data leak allegedly implicating NSO Group clients in widespread cybersurveillance. Israeli vendor NSO Group has experienced bad press in recent weeks due to a damning report issued by Forbidden Stories, Amnesty International, and various media outlets worldwide. Forbidden Stories claimed that a leaked list of over 50,000 phone numbers allegedly revealed individuals either “of interest” or selected for targeting by clients. According to the non-profit’s Pegasus project, while an appearance on the list does not mean that someone was targeted or compromised by Pegasus, infection by the firm’s spyware was confirmed in “dozens” of cases. Pegasus spyware has capabilities including remote access, both email and browser monitoring, location checks, information exfiltration, call recording, and the extraction of conversations across messaging applications including WhatsApp and Facebook. NSO Group markets its products for use in criminal and terrorism-related investigations. Alongside the alleged targeting of government officials, journalists, diplomats, political dissidents, lawyers, and activists were reportedly included in the leak. In 2019, WhatsApp filed a complaint against NSO Group, alleging that the company was responsible for the targeting of at least 100 human rights activists, journalists, and other figures of interest. A vulnerability in the WhatsApp video calling feature, since resolved, was allegedly exploited to load spyware on victim handsets without user interaction. In the latest leak, a phone number belonging to the president of France, Emmanuel Macron, was said to be included in the records. Macron has now reportedly spoken to Israel’s Prime Minister, Naftali Bennett, to obtain assurances that the country is “properly investigating” the allegations laid at NSO Group’s door. However, NSO Group says that Macron was not a “target.” In contrast, last week, it was reported that India’s opposition leader, Rajiv Gandhi, was selected. In addition, it has been alleged that Pegasus has been used to covertly monitor the mobile devices of up to 1,000 citizens in the country over the past six years. Morocco has reportedly filed a complaint against Amnesty International and Forbidden Stories, citing defamation over claims the government used Pegasus to target French reporters and lawyers. Amnesty International has stood by the validity of the data set. Cathcart said the incident should be a “wake-up call” to all of us, adding that governments should take an active role in creating accountability for spyware vendors. “NSO Group claims that a large number of governments are buying their software, that means those governments, even if their use of it is more controlled, those governments are funding this,” Cathcart told The Guardian. “Should they stop? Should there be a discussion about which governments were paying for this software?” In an update posted July 21, NSO Group said “enough is enough” and the company would no longer answer media inquiries related to the Forbidden Stories report, and it would “not play along with the vicious and slanderous campaign.” The spyware seller said the lists obtained were not related to NSO Group and the firm does not “have access to the data of our customers, yet they are obligated to provide us with such information under investigations.” “NSO will thoroughly investigate any credible proof of misuse of its technologies, as we always had, and will shut down the system where necessary,” the company added.
Previous and related coverage
NSO Group’s Pegasus spyware used against journalists, political activists worldwideMicrosoft, Google, Cisco, and others file amicus brief in support of Facebook’s NSO lawsuitModi government accused of spying on critics and opponents using Pegasus spyware
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0