WhatsApp confirms 2019 attack on Catalan politician’s cellphone
WhatsApp, the messaging application company owned by Facebook,
has confirmed that the speaker of the Catalan parliament, Roger Torrent, was
the target of a 2019 spyware attack.
The mobile phone of the leading pro-independence politician
was targeted through a WhatsApp security flaw discovered last year that allowed
attackers to install spyware simply by placing a call that did not need to be
answered.
Torrent was one of several users targeted in an attack that
used spyware developed by the Israeli company NSO Group, which says it only
sells to government clients. The Catalan politician has pointed at the “Spanish
state” as being behind the hacking attempt, a claim that Spain’s executive has
denied.
In a message to Torrent seen by EL PAÍS and The Guardian,
which broke the story in mid-July, Niamh Sweeney, WhatsApp’s director of public
policy for Europe, the Middle East and Asia, said that Torrent’s phone was
“targeted in an attempt to gain unauthorized access to data and communications
on the device.”
“By ‘targeted’ we are referring to the fact that the
attackers attempted to inject malicious code into Mr Torrent’s WhatsApp
application,” wrote Sweeney, adding that the company could not confirm whether
the attack was successful, “as this could only be achieved through an
exhaustive forensic analysis of the device.”
A joint investigation by EL PAÍS and The Guardian recently
revealed that a spyware program called Pegasus and made by NSO Group was used
between April and May 2019 to try to hack into the cellphones of Catalan
pro-independence politicians. These included Torrent as well as Ernest
Maragall, a regional lawmaker for the Catalan Republican Left (ERC), and Anna
Gabriel, a former lawmaker for the far-left CUP party who fled to Switzerland
following the failed attempt at unilateral secession from Spain in 2017.
The Pegasus program took advantage of WhatsApp’s security
flaw to target the phones, according to Citizen Lab, a cybersecurity group from
the Munk School of Global Affairs and Public Policy at the University of
Toronto that collaborated with WhatsApp to investigate the messaging service’s
vulnerability.
Last week, Torrent and Maragall announced that they were
taking legal action against Félix Sanz Roldán, the former head of Spain’s
National Intelligence Center (CNI). Both Catalan leaders claim the cyberattack
was part of a strategy by the “Spanish state” against the independence movement
in the northeastern region.
Interior Minister Fernando Grande-Marlaska last week stated
in Congress that neither the Spanish executive nor the CNI carried out the
attack. And the CNI – which has access to Pegasus and was a client of NSO
Group’s rival company Hacking Team until 2015 – has stated that it always
abides by the law and reports its actions to the Supreme Court for oversight.
EL PAÍS was unable to reach NSO Group for comment. The
company says it only sells its products to government agencies including police
forces, the army and intelligence services, and that it is the clients who
decide what to do with the programs they purchase.
The Pegasus program can take control of handsets, listen to
conversations, read messages, access files, take screenshots and activate the
camera and microphone via remote control.
Citizen Lab, the Toronto University group that investigated
the security flaw, estimated that around 100 of the 1,400 WhatsApp users
targeted by Pegasus in 2019 were diplomats, journalists, lawyers and
politicians from all over the world.
“As part of our investigation into the incident, Citizen Lab
has identified over 100 cases of abusive targeting of human rights defenders
and journalists in at least 20 countries across the globe, ranging from Africa,
Asia, Europe, the Middle East, and North America,” said the group in an October
2019 release.
Comments
Post a Comment