Israeli firm NSO Group faces claims that its technology can use a security hole in #WhatsApp -used by 1.5 billion people- to break into users' iPhone and Android phones.
"Digital attackers could use the vulnerability to insert malicious code and steal data from an Android phone or an iPhone simply by placing a WhatsApp call, even if the victim did not pick up the call. As WhatsApp's engineers examined the vulnerability, they concluded that it was similar to other tools from the NSO Group, because of its digital footprint."
NSO Group said in a statement on Monday that its spyware was strictly licensed to government agencies and that it would investigate any "credible allegations of misuse." The company said it would not be involved in identifying a target for its technology, including the lawyer at the center of the latest accusations.
...
But increasingly, NSO's spyware has been discovered in use by governments with questionable human-rights records like the United Arab Emirates, Saudi Arabia and Mexico.
The Israeli company sold a stake to Novalpina, a British private equity firm, in a leveraged buyout deal last year that valued it at nearly $1 billion.
...
"NSO and Novalpina have spent several months telling the world that there are adults in the room and telegraphing that they have made a commitment to close oversight," said John Scott-Railton, a senior researcher at Citizen Lab. "Yet even 24 hours ago, we observed what some believe to be an NSO infection attempt against a human-rights lawyer.
"As this case makes it very clear — if indeed this was NSO — there is still a very serious abuse problem," Mr. Scott-Railton added.
See the whole article here: https://www.nytimes.com/2019/05/13/technology/nso-group-whatsapp-spying.html