WhatsApp Malware Lawsuit Exposes Risks of Using Public Messaging Services

The recent lawsuit filed by WhatsApp against Israeli firm NSO Group, accusing the company of being responsible for cyber-attacks targeting “at least 100” journalists, academics, human rights activists and lawyers, has brought the security of the service into full public view.
According to the BBC, the Facebook-owned messaging service is suing the Israeli intelligence software company, accusing it of sending malware technology to around 1,400 mobile phones and devices “designed to infect the Target Devices for the purpose of conducting surveillance”, over a 2-week period in April and May this year.

But  what does this mean and should we stop using the WhatsApp platform?

The targeting of individuals via their mobile device is becoming ever more sophisticated. With these devices now containing the keys to a person’s professional and private life, it's not a surprise that significant time, effort and money is being spent to work out ways to access this valuable information.

Whilst companies such as Google and Facebook harvest data by users accessing their services (Cambridge Analytica anyone?) a more sinister threat is the use of these platforms to distribute computer viruses that will infect the user’s device and steal all the data that then resides on it. This includes photos, emails, financial information and passwords.

In this case, WhatsApp said that it had “detected and stopped” NSO Group’s unauthorised access in May 2019. “ [NSO Group] developed their malware in order to access messages and other communications after they were decrypted on Target Devices,” WhatsApp said in its Court filing.
But that is when the threat was, it is claimed, stopped in its tracks. But what is less clear how much damage was caused and the volume of data stolen. All this from a company who spend billions a year on trying to protect its users from exactly this kind of threat.

Unfortunately for the user, until the issue was discovered, there was no way to protect against this attack – unless they stopped using Whatsapp altogether! Simply calling a number over Whatsapp was enough to compromise that users device and steal all the data as the attack was designed to circumvent device and software encryption.

The question now exists as to whether other IM services such as Telegram, Viber, WeChat, Signal and others are now vulnerable to the same attack – but just have not discovered it yet.
Mobile devices remain the repository for our most sensitive information, with a recent estimate claiming that there are 7 billion mobile phones in use across the world. They will continue to be targeted with sophisticated attacks, making the importance of keeping your phone up to date ever greater.