A WhatsApp hack used Israeli spyware to target Rwandan dissidents

The dark side of WhatsApp
The dark side of WhatsApp
Image: REUTERS/Thomas White
We may earn a commission from links on this page.

WhatsApp’s owner Facebook on Tuesday (Oct. 29) filed a lawsuit against an Israeli software company which alleged some 1,400 phones and devices whose users included lawyers, journalists, human rights activists and political dissidents were hacked via its messaging platform. It is believed this was done on behalf of governments.

A new investigative story from the Financial Times on Wednesday reported, that “on the list of targeted individuals identified by WhatsApp, a considerable number were from Rwanda.”

The hack worked by the user receiving a video- or voice-call request from an unknown number on WhatsApp. However, even when the number was ignored it was enough for the call to be used to hack into the user’s phone even without them answering it. It was also used to access personal data on the device including text messages and location.

The FT said it interviewed six Rwandan dissidents who said they had received these dropped calls and includes several interviews in its report.

The Facebook lawsuit is against Israeli spyware developer NSO Group which developed a powerful spyware tool called Pegasus. The spyware is said to be especially effective in its ability to monitor a user’s voice calls, messaging, location and general phone use.  WhatsApp said it worked closely with Citizen Lab, a research group affiliated with the University of Toronto focusing on cyber security, to investigate the attacks and link them to NSO.

The breach was first revealed by the Financial Times (paywall) in May, which also linked it to the NSO. WhatsApp alerted users to the suspicious video calls that month, and updated the app to fix the breach, but did not identify the Israeli company as behind the attack at the time. Lawyers say the lawsuit is unusual, because the litigation could expose information about how WhatsApp’s encryption works.

WhatsApp is easily the most popular messaging app across Africa and for many Africans is way more useful and effective than its Facebook parent because of its low data bandwidth usage. But over the years it has moved from being a simple messaging app to be an important tool for organizing everything from weddings and parties to student protests and political uprising across the continent.

The news that it could be so effectively hacked and allegedly by an African government will give pause to some civil society activists who were prominent among those targeted, according to the FT’s story. The Rwandan government had not responded to the report, ahead of this story.

The Facebook filing in a San Francisco US federal court on Tuesday (Oct. 29), alleged the Israeli spyware firm, which works with governments around the world, created WhatsApp accounts using numbers registered in countries like Israel and Brazil and used them to video-call target users between April and May this year, infecting their devices with the malware known as Pegasus. Facebook says the fact the the firm agreed to WhatsApp terms and conditions to set up the accounts gave the US court standing to hear the case.

Facebook and Citizen Lab did not identify any of the targeted users, but two Moroccan activists, Maati Monjib, an academic and Abdessadak El Bouchattaoui, a human rights lawyer, were identified as among the victims of NSO’s hack by Amnesty International this month.

Sign up to the Quartz Africa Weekly Brief here for news and analysis on African business, tech and innovation in your inbox