Last week, we reported how Pegasus, the spyware developed by the NSO Group was found to allow remote access to a group of journalists’ smartphone data. It was even found that South African president Cyril Ramaphosa’s name and number was found on a database of suspected spyware targets. Now, WhatsApp’s chief Will Cathcart detailed that the recent investigation’s findings coincide with a major attack on the app in 2019.
According to Cathcart, the data captured in the investigation by major media houses detailed similar information to what WhatsApp found during its major attack two years ago. In addition, the messaging app’s chief also questioned NSO’s claim that the leaked list of targeted suspects is an ‘exaggeration’.
The WhatsApp hack in question was found to have targeted 1,400 people in only two weeks, and many details pointed to Pegasus’ software being the culprit. In that hack, senior government officials were targeted across the globe, including many individuals with ties to US security. Following this, WhatsApp and its parent company Facebook sued NSO Group.
“This should be a wake up call for security on the internet … mobile phones are either safe for everyone or they are not safe for everyone,” Cathcart said to the Guardian, which is also part of the group of media organisations that investigated the recent attacks.
More importantly, however, the WhatsApp chief calls for increased accountability when it comes to spyware and the use thereof. According to NSO Group, its software is mainly used to track the data of potential terrorists and criminals. “NSO has described its customers as 60 intelligence, military, and law enforcement agencies in 40 countries. It claims its clients, which it does not identify citing confidentiality, are only allowed to use Pegasus to prevent and investigate crime and counterterrorism,” Gizmodo reports.
But what if it isn’t? As you’ll find with many tech companies — what the website says, and what the software/hardware is actually used for may differ remarkably.