Israeli spyware at center of WhatsApp surveillance storm

The secretive NSO Group is the developer of Pegasus, its flagship software capable of controlling and collecting information from target mobile devices.

By
May 14, 2019 16:56
2 minute read.
Silhouettes of mobile users next to the Whatsapp logo, March 28, 2018.

Silhouettes of mobile users next to the Whatsapp logo, March 28, 2018.. (photo credit: REUTERS/ DADO RUVIC)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analysis from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later

A vulnerability in popular messaging app WhatsApp reportedly enabled the installation of advanced surveillance spyware developed by Israeli cyber firm NSO Group on phones and other mobile devices.

Discovered earlier this month by WhatsApp engineers, the flaw enabled hackers to remotely install spyware developed by NSO Group by calling targets using Whatsapp’s voice calling function, the Financial Times reported, adding that users did not need to answer the phone for the code to be inserted.

“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a note to reporters.

The company added that it had briefed a number of human rights organizations and referred the breach to the US Justice Department.

WhatsApp also encouraged users to “upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”

The secretive NSO Group is the developer of Pegasus, its flagship software capable of controlling and collecting information from target mobile devices.

The company says it only sells its technology to government agencies for fighting crime and terror, but its software has been alleged to be behind spying on individuals including now-imprisoned Emirati activist Ahmed Mansoor and Saudi journalist Jamal Khashoggi, murdered in the country’s consulate in Istanbul in October 2018.

“NSO’s technology is licensed to authorized government agencies for the sole purpose of fighting crime and terror,” the Herzliya-based company said in a statement.


“The company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions. We investigate any credible allegations of misuse and if necessary, we take action, including shutting down the system.

“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies. NSO would not or could not use its technology in its own right to target any person or organization.”

On Monday, a petition supported by Amnesty International and other human rights groups was filed at the Tel Aviv District Court, calling on the Ministry of Defense to revoke NSO Group’s export license.

In June 2018, London-based Amnesty alleged that one of its activists working on human rights in Saudi Arabia was the target of a malicious WhatsApp message from the NSO Group.

“The Israeli MoD has ignored mounting evidence linking NSO Group to attacks on human rights defenders, which is why we are supporting this case,” said Danna Ingleton, deputy director of Amnesty Tech.

“As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International’s staff and that of other activists, journalists and dissidents around the world is at risk.”

Under Israeli law, no person is entitled to receive a defense marketing or export license unless he or she is registered with the Defense Ministry’s defense export registry.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

May 27, 2019
A country by country look at the EU elections

By SETH J. FRANTZMAN