[HACKING] A WhatsApp vulnerability enabled a spyware society to infiltrate the phones of hundreds of journalists and political dissidents

Instant messaging application WhatsApp announced its intention to sue the Israeli cyber surveillance company NSO Group last October. The American giant accused the latter of taking advantage of the messaging service’s security vulnerabilities to spy on its customers. NSO specializes in spyware and is thus accused of having reportedly exploited the application’s voice calls functionality to access the content of its targets’ phones. The identity of the said-victims are worth mentioning as they include, amongst others, many journalists, activists and lawyers. In total, the security of 1400 devices was compromised and the method used resembles NSO’s tools. Moreover, this is not the first scandal in which the NSO Group is involved. Whilst officially, the society claims to help “governments and authorities in the fight against terrorism and crime”, many human rights associations have accused it of spying on journalists and political dissidents on behalf of certain governments, such as Mexico or Panama. An attack of this magnitude therefore highlights the highly secretive practices of the spyware market and its customers, and the lack of regulation from which these companies benefit.