Comments
If it were a malware targeting a computer or a mobile phone, by stealthily entering the devices luring the users to click a malicious link, people would not have been surprised.
A malware targeting WhatsApp accounts of users have shocked the world because the social media platform promised a secure transmission of data between devices.
The latest snooping story reads like a sci-fi movie, with bad guys sitting in isolated geographies, launching surreptitious malware attacks on targets, stealing information by lurking there without the victims noticing the damage.
The Facebook arm still claims that there’s no problem with the encryption and decryption handled by it. They hackers have infected the phones to steal the information, it said.
But how could the spyware Pegasus, used by the Israeli firm NSO, could break into about 1,400 people (the number could grow), mostly human rights activists, lawyers, government officials and journalists?
The modus operandi
In this particular attack, which rocked the country, the Israeli group used sophisticated tools. The hackers have created WhatsApp accounts using telephone numbers registered in countries during January 2018 and May 2019. They used these numbers as launch pads to send a malicious code to target devices in April and May 2019.
In complaint against the hackers that was filed in a US Court, WhatsApp said that phone numbers were registered in countries like Cyprus, Israel, Brazil, Indonesia, Sweden, and the Netherlands.
“They leased servers and internet hosting services in different countries, including the United States, in order to connect the target devices to a network of remote servers intended to distribute malware and relay commands to the target devices,” WhatsApp has explained.
The attack is so sophisticated that the victim need not click on a link or provide some information to the hacker as it happens in normal cyber attacks.
“The victim need not take any action, such as clicking a link or opening a message (known as remote installation),” WhatsApp told the US district court in California.
After being installed in a device, the spyware establishes a information route, enabling the hacker to intercept and extract information and communications from the infected devices. The deadly spyware Pegasus could “remotely and covertly extract valuable intelligence from virtually any mobile device.” The malware is so powerful it could compromise Telegram, WeChat, Facebook Messenger, WhatsApp, and other messaging platforms. It can work on phones with iOS, Android and Blackberry.
It is so flexible that it could be customized for different purposes, including to intercept communications, capture screenshots, and copy browsing history and contacts from the device.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.