Journalists, activists and academics in India were targeted by spyware known as Pegasus back in May 2019. WhatsApp now knows who was behind the attack.
WhatsApp took measures to alert and protect users affected by the spyware. In addition, Facebook – which owns WhatsApp – sued an Israeli cyber-surveillance firm for allegedly hacking users’ phones.
The lawsuit was filed in San Francisco on 29 October 2019 and can be viewed here. According to Facebook, it’s the first legal action of its kind.
Who is behind the Pegasus cyber attacks?
Facebook stipulated that NSO Group Technologies target approximately 1 400 human rights activists, political dissidents and journalists in India.
Head of WhatsApp, Will Cathcart, explained that the company detected a similar attack in May 2019. A user would receive what appeared to be a voice call.
The attacker could then secretly transmit malicious code to infect the user’s phone with spyware, even if the person didn’t answer the video call. Cathcart explains:
“After months of investigation, we can say who was behind this attack. [We] have filed a complaint in federal court that explains what happened and attributes the intrusion to an international technology company called NSO Group.”
He added that WhatsApp and Facebook can “say with confidence” that the NSO Group is behind the spyware attacks:
“We gathered the information that we lay out in our complaint, we learned that the attackers used servers and Internet-hosting services that were previously associated with NSO. In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful.”
What is Pegasus spyware?
According to The Citizen Lab, Pegasus – also known as Q Suite and Trident – has the “ability to infiltrate both Android and iOS devices”.
The spyware “uses a number of ways to hack into a target’s mobile devices, including using zero-day exploits”.
A zero-day exploit is essentially a cyber attack that occurs on the same day a weakness is discovered in software. The vulnerability is then exploited before the developer rolls out a solution.
Who was hacked using Pegasus?
The specifics are still unclear, but it is believed that approximately 1 400 users in India were specifically targeted. WhatsApp confirmed in a statement:
“We sent a special WhatsApp message to approximately 1 400 users that we have reason to believe were impacted by the attack to directly inform them about what happened. Cyber security experts at the Citizen Lab, an academic research group based at the University of Toronto’s Munk School, volunteered to help us to learn more about the impact of this attack on civil society, including journalists and human rights defenders. The Citizen Lab has published information related to this specific attack here and remains available to provide support to this community.
How to protect against cyber-attacks?
Cyber criminals will find new and exciting ways to target users. If they really want access to your information, they will find it. However, there are certain measures you could take to protect yourself.
The simplest way is to keep your apps up to date. App developers will roll out a new update to fix certain issues and vulnerabilities, and it’s vital to update your app as soon as a new version becomes available.
How to update your WhatsApp
- Open the Play Store and tap on the three lines in the top left corner
- Go to ‘My Apps & Games’
- Select ‘WhatsApp’ and tap ‘Update.’
- Open the App Store and select updates
- Select ‘WhatsApp’ and click ‘Update.’