WhatsApp Hacked To Spy on Top Government Officials at US Allies

Senior government officials in multiple U.S.-allied countries were targeted earlier this year with hacking software that used Facebook's WhatsApp to take over users' phones, Reuters reported Thursday, citing people familiar with the messaging company's investigation. From a report: Sources familiar with WhatsApp's internal investigation into the breach said a "significant" portion of the known victims are high-profile government and military officials spread across at least 20 countries on five continents. The hacking of a wider group of top government officials' smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences. WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users. While it is not clear who used the software to hack officials' phones, NSO says it sells its spyware exclusively to government customers.

Up to date

[Impy the Impiuos Imp]

Well, so much for only downloading from giant, well-known corporate web sites.

Re:

[TechyImmigrant]

Signal seems OK. But the only people I know who use are security aware friends.

Re:

[michaelwigle]

That appears to be the consensus as far as Signal itself goes. But the real vulnerability with these apps is the OS they sit on. We are seeing an increase in the number of security compromises that allow a rogue app to access what should be segregated memory and access the data for these apps before encryption and after decryption. The device is the real security risk at this point.

Re:

[TechyImmigrant]

It depends somewhat on the circumstances, but yes, many systems today (E.G. Phones and PCs) fail to employ defense in depth at the application/OS interface. It's enough for either to fail to compromise the other, rather than needing both to fail.

Re:

[Shaitan]

"the OS they sit on. We are seeing an increase in the number of security compromises "

There are backdoors for the carrier. These are known to be compromised out of the gate.

Re:

[michaelwigle]

But even having access to the data stream of the carrier does you no good unless you either have the key used by the receiving party to decrypt the message or the computational power to try to brute force it.

Re:

[weilawei]

Uh yeah. Until they do an OTA update to your phones. You can do all the fancy whatever you want, but if the device is compromised, the stuff sitting on top of it is compromised as well.

Host-proof computing with fully homomorphic encryption. That's the only real solution anyone's proposed, and while IBM, et al. are working on it, it's still a long ways off from consumer silicon.

Re:

[AHuxley]

The "rogue app" is the smartphone by design. What every nations police and mil get access into is not staying a secret.

Re:

[rtb61]

This is actually a criminal act and make no mistake. They used a flaw in a computer program to hack that device, they did not declare that flaw, neither them, NOR THE FUCKING GOVERNMENTS WHO BOUGHT IT, who left their citizens exposed to that flaw, in the most criminal fashion imaginable. Not only were they aware of the criminal act to create the programme but they were criminally using it themselves whilst leaving all their own citizens exposed to that flaw and the criminal program designed to exploit it.

I

Re:

[ctilsie242]

With apps like Signal who have a solid pedigree, why would anyone waste their time on WhatsApp? No app is perfect, but Signal has proven itself to be pretty solid, ever since the days of TextSecure.

IMHO, I just don't trust WhatsApp. I'd sooner trust Telegram than it, and that's saying a lot.

a likely story

[lactose99]

And these are the same people that want to dismantle end-to-end encryption for "legal intercept?"

Lol ok

Let them go first.

[BAReFO0t]

Surely they can prove the superiority of that choice, by doing it for a decade, before shoving it onto us, right! :D

Top government officialls are using Whatsapp?

[Tough Love]

Top government officialls are using Whatsapp on government-owned phones, or conducting government business on their private phones? What the fuck is wrong with them?

Re:

[known_coward_69]

in the USA lots of government officials have been caught using non-official tools to keep conversations and discussions out of the official record and away from the media

Re:

[PaulBu]

Even one presidential candidate recently... ;-)

Re:

[Tough Love]

Err, I am sure you typoed and really meant one president [businessinsider.com]

Well, their families are "forced" to use it.

[BAReFO0t]

By their peer groups who all only use WhatsApp. Because they got no thinking abilities of their own, as that is frowned upon nowadays, in the Average Joe Livestock world.

Re:

[Tough Love]

they got no thinking abilities of their own, as that is frowned upon nowadays

It certainly won't get you a job as a republican.

Who do you think you are, Hillary Clinton?

[schwit1]

Any US government person conducting official government business should be using a government managed device that doesn't permit installing anything other than patches.

Social media apps are verboten.

Who spies on US allies?

[Chromal]

Who spies on US allies? Answer: The US. ( See also: https://www.reuters.com/articl... [reuters.com] ) How any other nation-state still gives the US the time of day is beyond this mere mortal's comprehension. It's like they're all self-loathing.

Re:

[green1]

2 reasons: 1) money - The US is still the largest consumer market (in terms of dollars spent, not in terms of number of consumers), and the US government is happy to do trade wars with anyone and everyone. No nation wants to be on the receiving end of that. 2) force - The US has the largest military in the world, and they have never been shy about using it to dispose of regimes that don't kowtow to their every whim. In summary: fear. The US is a bully, and gets away with it because they're big, and no othe

Re:

[Chromal]

Seems like a reasonable perspective. Personally, my vote would be for a strengthened United Nations: a global federated system built on witheringly strong environmental, anti-fascist, pacifist, human rights, and anti-corruption principles in order to always serve the needs of humanity and Earth first and foremost above partisan and pecuniary concerns.

Re:Who spies on US allies?

[green1]

The only way that could work would be if the UN no longer gave specific powers veto rights over all others, and unfortunately, those powers will always veto any change to their vetoes meaning that there is no possible way to change the existing UN to be workable for this purpose.

Re:

[AHuxley]

The UN that has Communist China? The place juntas and theocracies get to set global standards on freedom? That UN?
A "global federated system built" by Communist, people of faith and their best mil advice on staying in power?

Re:

[Chromal]

The UN that has UNESCO, the Universal Declaration of Human Rights, the UN that promotes peace and dialog and diplomacy and humanity coming together. That UN. It's clear US moral authority to lead the free world has been lost to corruption, now we must seek redress from higher authority than that of our nation-state's abjectly failed US Federal Government.

Re:

[AHuxley]

Re 'Universal Declaration of Human Rights" that Communist nations, juntas and theocracies sit around and talk about?
That "dialog and diplomacy" is just a cover for their and expanded embassy staff to do more spy work.
Re what "higher authority"? Communist nations? Nations spreading a faith of war? Some junta spying on the USA?
Some distant nation with a faith that places it above all overt nations? That kind of "higher authority" at the "UN"?
US freedoms look great vs the govs/mil at the "UN"

Re:

[Chromal]

It must be very interesting to see the world as you do. I beg to differ, cheers.

Re:

[weilawei]

Seems like a reasonable perspective. Personally, my vote would be for a strengthened United Nations: a global federated system built on witheringly strong environmental, anti-fascist, pacifist, human rights, and anti-corruption principles in order to always serve the needs of humanity and Earth first and foremost above partisan and pecuniary concerns.

What you want is called a "war". None of those things will happen without violence. History bears this out repeatedly.

Re: Who spies on US allies?

[aSplash0fDerp]

Of course the question is, would the world be better off in the hands of the Russians and the Chinese?

Don't forget that many parts of the US (and other countries) have already been sold to the highest bidder, so foreign influence is aplenty, which makes the "fake freedom show" even funnier.

I don't use messaging clients, but the users were probably just sold-out to the highest bidder. Whats good for the goose, is good for the gander.

Re:

[known_coward_69]

our allies have been spying on the USA for decades as well

it's how the world works

Well, the US *is* number one!

[BAReFO0t]

That is kinda the point. ;)

We fly flags of (ungay) pride for this shit!

Re:

[Chromal]

It's hardly something worth celebrating. It's a mark of shame, not pride. And it makes us less secure, not more secure.

If you want privacy and some security.

[Fly Swatter]

Don't carry a 'phone' with you every where you go, and wear a bag on your head.

Re:

[AHuxley]

The smartphone and the consumer OS is the way in.
If your important have a very seperate network. Try paper, a typewriter for "notes", meeting in person without the smartphone "on".
Stop allowing other nations, their mil, their gov, contractors from using your smartphone to collect with.

Here goes my moderation points...

[Tablizer]

WhatsApp Hacked To Spy on...US Allies

No worries, Trump solved that by shedding allies. The genius is two steps ahead of the spies.

The US never had allies.

[BAReFO0t]

Only vassals it hated less. ;)

obvious solution

[FeelGood314]

If you do government or critical work on ANY computing device you shouldn't have whatsapp or any other social media on that device. There is a reason most companies limit what you do on your work computer. I would hold the managers of the employees compromised responsible and have them justify why they let government officials conduct work on their personal cell phones.

Should've just paid Facebook like everyone else.

[BAReFO0t]

To add a backdoor to its closed source.

Unless of course, they can simply come in with an NSL.

Australia govt use(s/d) WhatsApp at highest levels

[jezwel]

Even though warned by own infosec:

https://www.smh.com.au/politic... [smh.com.au]