Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Security

WhatsApp Hacked To Spy on Top Government Officials at US Allies (reuters.com) 42

Senior government officials in multiple U.S.-allied countries were targeted earlier this year with hacking software that used Facebook's WhatsApp to take over users' phones, Reuters reported Thursday, citing people familiar with the messaging company's investigation. From a report: Sources familiar with WhatsApp's internal investigation into the breach said a "significant" portion of the known victims are high-profile government and military officials spread across at least 20 countries on five continents. The hacking of a wider group of top government officials' smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences. WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users. While it is not clear who used the software to hack officials' phones, NSO says it sells its spyware exclusively to government customers.
This discussion has been archived. No new comments can be posted.

WhatsApp Hacked To Spy on Top Government Officials at US Allies

Comments Filter:
  • Well, so much for only downloading from giant, well-known corporate web sites.

    • Signal seems OK. But the only people I know who use are security aware friends.

      • That appears to be the consensus as far as Signal itself goes. But the real vulnerability with these apps is the OS they sit on. We are seeing an increase in the number of security compromises that allow a rogue app to access what should be segregated memory and access the data for these apps before encryption and after decryption. The device is the real security risk at this point.
        • It depends somewhat on the circumstances, but yes, many systems today (E.G. Phones and PCs) fail to employ defense in depth at the application/OS interface. It's enough for either to fail to compromise the other, rather than needing both to fail.

        • by Shaitan ( 22585 )

          "the OS they sit on. We are seeing an increase in the number of security compromises "

          There are backdoors for the carrier. These are known to be compromised out of the gate.

          • But even having access to the data stream of the carrier does you no good unless you either have the key used by the receiving party to decrypt the message or the computational power to try to brute force it.
            • Uh yeah. Until they do an OTA update to your phones. You can do all the fancy whatever you want, but if the device is compromised, the stuff sitting on top of it is compromised as well.

              Host-proof computing with fully homomorphic encryption. That's the only real solution anyone's proposed, and while IBM, et al. are working on it, it's still a long ways off from consumer silicon.

        • by AHuxley ( 892839 )
          The "rogue app" is the smartphone by design. What every nations police and mil get access into is not staying a secret.
        • by rtb61 ( 674572 )

          This is actually a criminal act and make no mistake. They used a flaw in a computer program to hack that device, they did not declare that flaw, neither them, NOR THE FUCKING GOVERNMENTS WHO BOUGHT IT, who left their citizens exposed to that flaw, in the most criminal fashion imaginable. Not only were they aware of the criminal act to create the programme but they were criminally using it themselves whilst leaving all their own citizens exposed to that flaw and the criminal program designed to exploit it.

          I

      • With apps like Signal who have a solid pedigree, why would anyone waste their time on WhatsApp? No app is perfect, but Signal has proven itself to be pretty solid, ever since the days of TextSecure.

        IMHO, I just don't trust WhatsApp. I'd sooner trust Telegram than it, and that's saying a lot.

  • by lactose99 ( 71132 ) on Thursday October 31, 2019 @01:02PM (#59366948)

    And these are the same people that want to dismantle end-to-end encryption for "legal intercept?"

    Lol ok

  • Top government officialls are using Whatsapp on government-owned phones, or conducting government business on their private phones? What the fuck is wrong with them?

  • Any US government person conducting official government business should be using a government managed device that doesn't permit installing anything other than patches.

    Social media apps are verboten.

  • Who spies on US allies? Answer: The US. ( See also: https://www.reuters.com/articl... [reuters.com] ) How any other nation-state still gives the US the time of day is beyond this mere mortal's comprehension. It's like they're all self-loathing.
    • by green1 ( 322787 )
      2 reasons: 1) money - The US is still the largest consumer market (in terms of dollars spent, not in terms of number of consumers), and the US government is happy to do trade wars with anyone and everyone. No nation wants to be on the receiving end of that. 2) force - The US has the largest military in the world, and they have never been shy about using it to dispose of regimes that don't kowtow to their every whim. In summary: fear. The US is a bully, and gets away with it because they're big, and no othe
      • Re: (Score:2, Insightful)

        by Chromal ( 56550 )
        Seems like a reasonable perspective. Personally, my vote would be for a strengthened United Nations: a global federated system built on witheringly strong environmental, anti-fascist, pacifist, human rights, and anti-corruption principles in order to always serve the needs of humanity and Earth first and foremost above partisan and pecuniary concerns.
        • by green1 ( 322787 ) on Thursday October 31, 2019 @02:13PM (#59367258)

          The only way that could work would be if the UN no longer gave specific powers veto rights over all others, and unfortunately, those powers will always veto any change to their vetoes meaning that there is no possible way to change the existing UN to be workable for this purpose.

        • by AHuxley ( 892839 )
          The UN that has Communist China? The place juntas and theocracies get to set global standards on freedom? That UN?
          A "global federated system built" by Communist, people of faith and their best mil advice on staying in power?
          • by Chromal ( 56550 )
            The UN that has UNESCO, the Universal Declaration of Human Rights, the UN that promotes peace and dialog and diplomacy and humanity coming together. That UN. It's clear US moral authority to lead the free world has been lost to corruption, now we must seek redress from higher authority than that of our nation-state's abjectly failed US Federal Government.
            • by AHuxley ( 892839 )
              Re 'Universal Declaration of Human Rights" that Communist nations, juntas and theocracies sit around and talk about?
              That "dialog and diplomacy" is just a cover for their and expanded embassy staff to do more spy work.
              Re what "higher authority"? Communist nations? Nations spreading a faith of war? Some junta spying on the USA?
              Some distant nation with a faith that places it above all overt nations? That kind of "higher authority" at the "UN"?
              US freedoms look great vs the govs/mil at the "UN"
        • Seems like a reasonable perspective. Personally, my vote would be for a strengthened United Nations: a global federated system built on witheringly strong environmental, anti-fascist, pacifist, human rights, and anti-corruption principles in order to always serve the needs of humanity and Earth first and foremost above partisan and pecuniary concerns.

          What you want is called a "war". None of those things will happen without violence. History bears this out repeatedly.

      • Of course the question is, would the world be better off in the hands of the Russians and the Chinese?

        Don't forget that many parts of the US (and other countries) have already been sold to the highest bidder, so foreign influence is aplenty, which makes the "fake freedom show" even funnier.

        I don't use messaging clients, but the users were probably just sold-out to the highest bidder. Whats good for the goose, is good for the gander.
    • our allies have been spying on the USA for decades as well

      it's how the world works

    • That is kinda the point. ;)

      We fly flags of (ungay) pride for this shit!

      • by Chromal ( 56550 )
        It's hardly something worth celebrating. It's a mark of shame, not pride. And it makes us less secure, not more secure.
  • Don't carry a 'phone' with you every where you go, and wear a bag on your head.
    • by AHuxley ( 892839 )
      The smartphone and the consumer OS is the way in.
      If your important have a very seperate network. Try paper, a typewriter for "notes", meeting in person without the smartphone "on".
      Stop allowing other nations, their mil, their gov, contractors from using your smartphone to collect with.
  • WhatsApp Hacked To Spy on...US Allies

    No worries, Trump solved that by shedding allies. The genius is two steps ahead of the spies.

  • If you do government or critical work on ANY computing device you shouldn't have whatsapp or any other social media on that device. There is a reason most companies limit what you do on your work computer. I would hold the managers of the employees compromised responsible and have them justify why they let government officials conduct work on their personal cell phones.
  • To add a backdoor to its closed source.

    Unless of course, they can simply come in with an NSL.

Never test for an error condition you don't know how to handle. -- Steinbach

Working...