For years, WhatsApp bets on advanced security characteristics. End -to -end encryption is one of the most relevant, designed so that only a conversation participants can see or listen to what is shared. But we should not confuse: although the application is presented as a strength, Its walls are not unwavering.
The most recent example of this reality comes from the goal itself. As the Guardian collects, the company led by Mark Zuckerberg has said that around 90 users of the popular messaging service, including journalists and members of civil society, has been attacked and “probably committed” by a new directed malware campaign.
WhatsApp, in the sight of a spy software firm
Goal says that has interrupted the malicious operation That, according to its records, it was developed at the end of last year. In this regard, he adds that they have contacted the people who believe have been affected. It is not clear in which part of the world were the objectives or who were behind these attacks, but there are some interesting clues.
The giant of social networks points against Paragon, a firm of Israeli origin that develops spy software with similarities to Pegasus de Nso Group. Their hypotheses seem solid, to the point that they have sent a letter of “cessation and withdrawal” to prevent the espionage firm from continuing to threaten the safety of its users. It is also exploring legal options.
One of Paragon’s most prominent products is Graphite, who promises to avoid mobile phone safety barriers and, at best, obtain Total access to their dataincluding the ability to access application messages whose contents are encrypted as WhatsApp. Paragon was acquired in December by an American firm.
When we talk about directed attacks we are referring to malicious campaigns that point to the number of determined objectives, for example, the network of a company, an entity in particular or certain people. High profile objectives enter the scene. For example, Pegasus was used for a long time to spy on Pedro Sánchez’s mobile, president of the Spanish government.
Paragon or NSO Group customers are usually intelligence agencies, forces of order and others State -related agencies. But its use is not exempt from controversies. Some technology have taken measures beyond the technical. Meta and Apple sued in the past to NSO Group to demand responsibilities on cases of directed surveillance.
The American giant apparently does not know who is the “client” that Paragon software used against its WhatsApp users, but has managed to break down part of the attack methodology. Their researchers believe that the infection vector has been a malicious PDF file, which was sent to the objectives after they were added to a group.
Images | h9images | Mika Baumister
In WorldOfSoftware | The Depseek online version has been publicly exposing users’ chats, according to Wiz. This is what we know
