Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday May 24 2019, @07:28PM   Printer-friendly
from the No-Such-Organization dept.

Israeli firm linked to WhatsApp spyware attack faces lawsuit

The Israeli firm linked to this week's WhatsApp hack is facing a lawsuit backed by Amnesty International, which says it fears its staff may be under surveillance from spyware installed via the messaging service.

The human rights group's concerns are detailed in a lawsuit filed in Israel by about 50 members and supporters of Amnesty International Israel and others from the human rights community. It has called on the country's ministry of defence to ban the export of NSO's Pegasus software, which can covertly take control of a mobile phone, copy its data and turn on the microphone for surveillance.

An affidavit from Amnesty is at the heart of the case, and concludes that "staff of Amnesty International have an ongoing and well-founded fear they may continue to be targeted and ultimately surveilled" after a hacking attempt last year.

NSO Group, founded in 2010, supplies industry-leading surveillance software to governments that it says is for tackling terrorism and serious crime, and has been licensed to dozens of countries including Saudi Arabia, Mexico, Bahrain and the UAE.

But there have been a string of complaints in the past few months, documented largely by the Toronto-based Citizen Lab, that the technology has been used to target human rights groups, activists and journalists by several countries – and that there has been no attempt to rein it in.

See also: After WhatsApp hack, NSO faces scrutiny from Facebook and UK public pension fund
WhatsApp's security breach: Made in Israel, implemented worldwide
WhatsApp Rushes to Fix Security Flaw Exposed in Hacking of Lawyer's Phone

Previously: A WhatsApp Call Can Hack a Phone: Zero-Day Exploit Infects Mobiles with Spyware

Related: Israeli Spy Tech Company Allegedly Cracks WhatsApp Encryption (2016)
Former NSO Employee Arrested After Attempting to Sell Spyware for $50 Million
Agents Target Researchers who Reported Software that Spied on Jamal Khashoggi before his Death


Original Submission

Related Stories

Israeli Spy Tech Company Allegedly Cracks WhatsApp Encryption 17 comments

Forbes staff reporter Thomas Fox-Brewster has an article (mirror here for those who won't turn off their ad blockers) reporting that Haifa-based spy tech company Wintego allegedly has the capability to break WhatsApp's encryption. From the article:

An Israeli company is marketing what appears to be an astonishing surveillance capability, claiming it can siphon off all WhatsApp chats, including encrypted communications, from phones within close proximity of a hidden Wi-Fi hacking device in a backpack.

Brochures leaked to FORBES, and published below, revealed a non-public offering from Haifa-based Wintego called CatchApp. It promises an "unprecedented capability" to break through WhatsApp encryption and grab everything from a target's account. It does so through a "man-in-the-middle" (MITM) attack; in theory the traffic is intercepted between the app and the WhatsApp server and somehow the encryption is decoded by the device, though that may not be possible with the latest upgrades to the software's cryptography.

According to the anonymous source who handed FORBES the documents, the product works on the most current versions of WhatsApp, noting the brochures were handed out at a policing event this year. They could not offer any proof of that claim, however, and the files may date from before WhatsApp added significantly stronger end-to-end encryption.


Original Submission

Former NSO Employee Arrested After Attempting to Sell Spyware for $50 Million 7 comments

Submitted via IRC for BoyceMagooglyMonkey

A former employee of NSO Group, a company that sells zero-days and powerful spyware products to governments around the world, has been arrested and charged in Israel for stealing some of the company's products and attempting to sell it on the Dark Web for $50 million.

Israeli officials did not release the man's name, but the arrest took place last month, on June 5, according to local news outlets who broke the story.

[...] The NSO Group is a controversial company because besides selling its zero-days and spyware to government agencies in democratic states, they've also sold it to abusive regimes. The Citizen Lab team at the Munk School of Global Affairs at the University of Toronto have been tracking many of the cases where NSO's spyware —mainly Pegasus— was abused by governments in recent years.

Source: Former NSO Employee Arrested After Attempting to Sell Spyware for $50 Million


Original Submission

Agents Target Researchers who Reported Software that Spied on Jamal Khashoggi before his Death 26 comments

Undercover agents target cybersecurity watchdog Citizen Lab, which reported key details in Khashoggi case

The researchers who reported that Israeli software was used to spy on Washington Post journalist Jamal Khashoggi's inner circle before his gruesome death are being targeted in turn by international undercover operatives, The Associated Press has found.

Twice in the past two months, men masquerading as socially conscious investors have lured members of the Citizen Lab internet watchdog group to meetings at luxury hotels to quiz them for hours about their work exposing Israeli surveillance and the details of their personal lives.


Original Submission

A WhatsApp Call Can Hack a Phone: Zero-Day Exploit Infects Mobiles with Spyware 15 comments

A WhatsApp Call Can Hack a Phone: Zero-Day Exploit Infects Mobiles with Spyware:

A security flaw in WhatsApp can be, and has been, exploited to inject spyware into victims' smartphones: all a snoop needs to do is make a booby-trapped voice call to a target's number, and they're in. The victim doesn't need to do a thing other than leave their phone on.

The Facebook-owned software suffers from a classic buffer overflow weakness. This means a successful hacker can hijack the application to run malicious code that pores over encrypted chats, eavesdrops on calls, turns on the microphone and camera, accesses photos, contacts, and other information on a handheld, and potentially further compromises the device. Call logs can be altered, too, to hide the method of infection.

To pull this off this intrusion, the attacker has to carefully manipulate packets of data sent during the process of starting a voice call with a victim; when these packets are received by the target's smartphone, an internal buffer within WhatsApp is forced to overflow, overwriting other parts of the app's memory and leading to the snoop commandeering the chat application.

Engineers at Facebook scrambled over the weekend to patch the hole, designated CVE-2019-3568, and freshly secured versions of WhatsApp were pushed out to users on Monday. If your phone offers to update WhatsApp for you, do it, or check for new versions manually. The vulnerability is present in the Google Android, Apple iOS, and Microsoft Windows Phone builds of the app, which is used by 1.5 billion people globally.

"A buffer overflow vulnerability in WhatsApp VoIP [voice over IP] stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number," said Facebook in an advisory on Monday.

"The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15."

[...] Pegasus, once installed on a victim's device, can record phone calls, open messages, activate the phone's camera and microphone for further surveillance, and relay back location data. While NSO claims it carefully vets its customers, the malware has been found on the phones of journalists, human rights campaigners, lawyers, and others.

Also at: Ars Technica, Facebook.


Original Submission

Israeli Spyware Maker Is in Spotlight Amid Reports of Wide Abuses 21 comments

Israeli Spyware Maker Is in Spotlight Amid Reports of Wide Abuses

Data leaked to a consortium of news organizations suggests that several countries use Pegasus, a powerful cyberespionage tool, to spy on rights activists, dissidents and journalists.

A major Israeli cyber-surveillance company, NSO Group, came under heightened scrutiny Sunday after an international alliance of news outlets reported that governments used its software to target journalists, dissidents and opposition politicians.

The Israeli government also faced renewed international pressure for allowing the company to do business with authoritarian regimes that use the spyware for purposes that go far afield of the company's stated aim: targeting terrorists and criminals.

[...] The allegations may escalate concerns that the Israeli government has abetted government abuses by granting NSO an export license to sell software to countries that use it to suppress dissent.

The accounts, published by The Washington Post and an alliance of 16 other international news outlets, follow recent reporting by The [New York] Times that Israel permitted NSO to do business with Saudi Arabia, and encouraged it to keep doing so even after the Saudi government was implicated in the 2018 assassination of a Saudi journalist and dissident, Jamal Khashoggi.

Pegasus: The new global weapon for silencing journalists

Also at Business Insider, The Hill, The Verge, and Al Jazeera.

Related: Israeli Firm NSO Linked to WhatsApp Hack, Faces Lawsuit Backed by Amnesty International
Saudi Crown Prince's WhatsApp Account Reportedly Used to Hack Jeff Bezos
The Great iPwn -- Journalists Hacked with Suspected NSO Group iMessage 'Zero-Click' Exploit


Original Submission

U.S. Places Sanctions on NSO Group, Peddler of Pegasus Spyware 33 comments

The U.S. Blacklists Makers of Cops' Favorite iPhone Hacking Tool:

NSO Group, an Israeli surveillance firm whose spyware has been peddled to authoritarian governments around the world, has been sanctioned by the U.S. Commerce Department. The new restrictions, which the agency announced in a press release Wednesday, will limit the degree to which American companies can provide parts or services to NSO—a decision that could seriously hobble the vendor's business.

NSO is best known for its commercial malware "Pegasus," a product that can infiltrate smartphones and silently pilfer their contents—from text messages to voice calls to photos. The company also sells a creepy "zero-click" exploit, the likes of which apparently requires no phishing and is said to take advantage of security flaws inherent in iPhones and Android devices to compromise them. In September, it was reported that some 1.65 billion Apple devices had been vulnerable to NSO's malware for a period of several months.

See also: US Cuts Off Pegasus Developer: What You Need To Know About This Spyware

Previously: Israeli Firm NSO Linked to WhatsApp Hack, Faces Lawsuit Backed by Amnesty International
Saudi Crown Prince's WhatsApp Account Reportedly Used to Hack Jeff Bezos
The Great iPwn -- Journalists Hacked with Suspected NSO Group iMessage 'Zero-Click' Exploit
Israeli Spyware Maker Is in Spotlight Amid Reports of Wide Abuses


Original Submission #1Original Submission #2

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by RamiK on Friday May 24 2019, @08:29PM (4 children)

    by RamiK (1813) on Friday May 24 2019, @08:29PM (#847340)

    The vulnerability was used in an attempted attack on the phone of a UK-based attorney on 12 May, the FT reported. The lawyer, who was not identified by name, is involved in a lawsuit against NSO brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.

    Americans, Saudis and Israelis joining hands, to screw everyone else over.

    Money sure makes the strangest bedfellows.

    --
    compiling...
    • (Score: 2, Informative) by Anonymous Coward on Friday May 24 2019, @08:57PM (3 children)

      by Anonymous Coward on Friday May 24 2019, @08:57PM (#847354)

      The USA is merely a golem for Israel cf. the following:

        - The Oded Yinon Plan of 1982 [globalresearch.ca] and cross reference it with the list of countries in the Middle East that have been invaded by the US military.
        - Stuxnext [washingtonpost.com], sanctioned by Obama, created by US and Israeli security firms, and the current Israeli/US conquest against Iran.
        - Donald [bbc.com] Trump's [bbc.com] pro-Israel [bbc.com] policies.

      Saudi, OTOH, why do they have membership of the UN again, exactly? Their human rights record is absurd.

  • (Score: 1, Flamebait) by VLM on Friday May 24 2019, @10:28PM (5 children)

    by VLM (445) Subscriber Badge on Friday May 24 2019, @10:28PM (#847383)

    The Israeli firm

    Isn't it antisemitic to complain about their actions? You know they're not going to get any unfavorable press coverage.

    a lawsuit backed by Amnesty International

    Can hear the whining on CNN already "Alt right nazis filed a lawsuit against ..."

    • (Score: 0) by Anonymous Coward on Friday May 24 2019, @11:31PM (3 children)

      by Anonymous Coward on Friday May 24 2019, @11:31PM (#847412)

      Can hear the whining on CNN already

      https://www.ngo-monitor.org/amnesty-international-singling-out-jews-in-2019/ [ngo-monitor.org]

      Isn't it antisemitic to complain about their actions? You know they're not going to get any unfavorable press coverage.

      Depends. Are you going to call for banning American goods over the treatments of immigrants, minorities and prisoners in the US? Are you going to boycott Chinese products over their actions? Or the Russians maybe?

      Alternatively, locally, when a school shooting occurs, do you point the finger at the gun companies and complain about their actions?

      Israel does a lot of bad things. But quantitatively and qualitatively it just doesn't compare to anything else done in the region. It's fine to hold them to a higher standard being a nuclear power. But unless you consistently apply the same moral absolutism standards to the other nuclear powers, that specific form of hypocrisy is probably antisemitic.

      • (Score: 2, Funny) by Ethanol-fueled on Saturday May 25 2019, @12:19AM

        by Ethanol-fueled (2792) on Saturday May 25 2019, @12:19AM (#847432) Homepage

        School and Synagogue shootings are done by Mossad. Everybody knows that whether or not people actually "died" in those shootings, Mossad and crisis actors are behind it.

      • (Score: 3, Interesting) by shortscreen on Saturday May 25 2019, @08:01AM

        by shortscreen (2252) on Saturday May 25 2019, @08:01AM (#847534) Journal

        Depends. Are you going to call for banning American goods over the treatments of immigrants, minorities and prisoners in the US? Are you going to boycott Chinese products over their actions? Or the Russians maybe?

        Alternatively, locally, when a school shooting occurs, do you point the finger at the gun companies and complain about their actions?

        Israel does a lot of bad things. But quantitatively and qualitatively it just doesn't compare to anything else done in the region.

        The difference between Israel and other random countries that do bad things, is that those other countries don't wield massive influence in Washington D.C. nor are they continuously held up as paragons of freedom and democracy.

        Many Americans were upset about the (bogus) idea that Trump had loyalties to the Russian government. Why shouldn't they be upset about a foreign country for which politicians have openly declared loyalties, which receives foreign aid, and which has a clear influence on US foreign policy?

      • (Score: -1, Troll) by Anonymous Coward on Saturday May 25 2019, @01:47PM

        by Anonymous Coward on Saturday May 25 2019, @01:47PM (#847583)

        > ...it just doesn't compare to anything else done in the region.

        nice try mossad shill

    • (Score: 1, Informative) by Anonymous Coward on Friday May 24 2019, @11:48PM

      by Anonymous Coward on Friday May 24 2019, @11:48PM (#847419)

      Any criticism of Israel is antisemitic. Even indirect criticism.

(1)