WhatsApp has filed a lawsuit in federal court accusing an Israeli company (nso Group) ότι ανέπτυξε monitoring software used hundreds of times to track its users.
The lawsuit, filed in California federal court, states that the Israeli company “developed the malware για αποκτήσει πρόσβαση σε μηνύματα και άλλες information, after they were encrypted” on the victims' devices.
The malicious one software but it worked by exploiting an audio vulnerability-calls that existed in the WhatsApp application code.
To users εμφανιζόταν μια συνηθισμένη κλήση, αλλά το κακόβουλο πρόγραμμα μόλυνε τη συσκευή με λογισμικό υποκλοπής spyware, δίνοντας στους επιτιθέμενους πλήρη πρόσβαση.
In some cases the infection happened so quickly, the victim's phone showed no complications at all duration of spyware loading.
Επειδή η εφαρμογή WhatsApp χρησιμοποιεί encryption end-to-end, είναι σχεδόν αδύνατο να έχετε πρόσβαση στα μηνύματα καθώς “ταξιδεύουν” στο διαδίκτυο. Όμως τα τελευταία χρόνια, διάφορες κυβερνήσεις και εταιρίες spyware έχουν αρχίσει να στοχεύουν τις συσκευές όπου στέλνονται ή λαμβάνονται τα μηνύματα. Η λογική είναι ότι αν καταφέρεις να κάνεις hack στη συσκευή, μπορείς να αποκτήσεις τα δεδομένα της.
What does WhatsApp say?
Η WhatsApp, που ανήκει στο Facebook, επιδιόρθωσε γρήγορα την ευπάθεια. Αν και η εταιρεία επιρρίπτει την ευθύνη στο NSO Group, η WhatsApp δεν κατηγόρησε δημοσίως την Ισραηλινή εταιρεία μέχρι και σήμερα.
In a post that went up Shortly after the lawsuit was filed, Wills Cathcart, head of WhatsApp, alleges that "the attackers were using servers and web hosting services that were used or associated with the NSO Group" and that certain WhatsApp accounts used during the attacks were also located in the Israeli company.
"Although their attack was very sophisticated, their attempts to cover their routes were not entirely successful," Cathcart said.
Overall, it appears that some 1.400 targeted devices have been affected by the hack, according to the lawsuit.
WhatsApp reported that the victims included more than 100 human rights defenders, journalists and "other members of civil society." The targets also included government officials and diplomats.
The NSO Group states: "We dispute the allegations and we will fight for it."
