Phones of Pakistani officials allegedly targeted by Israeli spyware

The phones of some two dozen Pakistani officials were allegedly targeted by spyware developed by Israeli firm NSO Group.

Among those possibly affected were top defense and intelligence officials in Pakistan, the Guardian reported Thursday.

The suspected technology was believed to have taken advantage of a security vulnerability in the WhatsApp messaging application.

Pakistan has not published details of the alleged hack, but the report said there were signals Pakistan’s government was working to address the issue.

It was unclear who was behind the apparent hacking, though the Guardian noted the incident could raise questions over whether Pakistani rival India is using NSO technology to spy on domestic and international targets.

Congress party General secretary Priyanka Vadra in red, takes selfie with her children after her brother Congress president Rahul Gandhi filed his nomination papers for the upcoming general elections in Amethi, Uttar Pradesh state, India, April 10, 2019. (AP Photo/Rajesh Kumar Singh)

NSO was accused last month of hacking an Indian opposition politician’s phone during the country’s election this year.

That revelation came days after the Facebook-owned WhatsApp filed a lawsuit in the US against the NSO Group, accusing it of using the hugely popular instant messaging platform to conduct cyber espionage on nearly 1,400 journalists, diplomats, dissidents and human right activists worldwide.

Also in November, Reuters reported that senior government and military officials from some 20 countries allied with the United States were targeted, citing people familiar with WhatsApp’s internal investigation.

The Israeli firm has said it only licenses its software to governments for “fighting crime and terror.”

According to Reuters, victims of the spying campaign included people in the United States, Mexico, Bahrain, United Arab Emirates, Pakistan and India, but it was unclear whether government officials in those countries were affected.

Nearly two dozen activists, lawyers and journalists were targeted in India — WhatsApp’s biggest market with some 400 million active users — according to Indian media reports.

New Delhi asked WhatsApp to “explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens,” Information and Technology Minister Ravi Shankar Prasad wrote on Twitter, denying the government had used the malware to spy on its citizens.

But opposition leaders accused the government of invading citizens’ privacy.

The logo of the Israeli company NSO Group is displayed on a building where they had offices in Herzliya until 2016. (AP Photo/Daniella Cheslow)

The head of WhatsApp has said the lawsuit was filed after an investigation showed NSO Group’s role in the cyberattack, despite its denials.

“NSO Group claims they responsibly serve governments, but we found more than 100 human rights defenders and journalists targeted in an attack last May. This abuse must be stopped,” Will Cathcart said on Twitter.

The lawsuit said NSO’s Pegasus software was designed to be remotely installed to hijack devices using the Android, iOS and BlackBerry operating systems.

The complaint said the attackers “reverse-engineered the WhatsApp app and developed a program to enable them to emulate legitimate WhatsApp network traffic in order to transmit malicious code” to take over the devices.

The suit calls on the court to order NSO Group to stop any such attacks and asks for unspecified damages.

NSO Group came to prominence in 2016 when researchers accused it of helping spy on an activist in the United Arab Emirates.

Its best-known product is Pegasus, a highly invasive tool that can reportedly switch on a target’s phone camera and microphone, and access data on it.

AFP contributed to this report.