Amnesty International says the Israeli firm behind a recent security breach that targeted human rights activists using the WhatsApp messenger app must be held into account for its close ties with repressive regimes.
In a statement on Thursday, Amnesty urged the Israeli regime to revoke export licenses of the notorious Israeli IT firm NSO, which designed the spyware linked to the WhatsApp breach.
The London-based rights group told Reuters that the company’s deeds “resulted in human rights abuses.”
WhatsApp, a unit of Facebook, admitted Tuesday that hackers had managed to use the security breach on its messaging app to target human rights activists.
Eva Galperin, director of cybersecurity at San Francisco-based Electronic Frontier Foundation, said WhatsApp had informed human rights groups that the spyware was likely developed by Israel’s NSO. This was also confirmed by another person familiar with the matter.
In an emailed statement to Reuters, Amnesty asserted that NSO has “again and again demonstrated their intent to avoid responsibility for the way their software is used.”
It said only the Israeli regime at its highest ranks could intervene and stop the company.
NSO said after the WhatsApp breach that it would investigate any “credible allegations of misuse” of its technology which “is solely operated by intelligence and law enforcement agencies.”
WhatsApp, one of the world’s most popular messaging tools which is used by 1.5 billion people monthly, said it had fixed the exploit in its latest update and asked the US Department of Justice to help with an investigation into the breach.
Among the targets of the the new WhatsApp exploit was a UK-based human rights lawyer, who is helping a Saudi dissident and several Mexican journalists launch civil cases against NSO.
They charge that NSO has sold Saudi and Mexican governments hacking tools to hack into their phones, the lawyer said, speaking to Reuters on condition of anonymity.
Novalpina, NSO’s biggest shareholder, told Amnesty in a May 15 letter signed by founding partner Stephen Peel that it was “determined to do whatever is necessary to ensure that NSO technology is used for the purpose for which it is intended – the prevention of harm to fundamental human rights arising from terrorism and serious crime – and not abused in a manner that undermines other equally fundamental human rights.”
An unnamed WhatsApp spokesman told France 24 that all the malware needed to infiltrate the target smart phones were missed calls through the app’s voice calling function.
According to the source, an unknown number of users were infected with the malware.
The WhatsApp spokesman said the attack had “all the hallmarks of a private company that has been known to work with governments to deliver spyware that has the ability to take over mobile phone operating systems”.
NSO’s spyware has repeatedly been used in hacking attacks against journalists, lawyers, human rights advocates and dissidents.
The spyware first made the headlines when it was implicated in the Riyadh regime’s gruesome murder of dissident Saudi journalist Jamal Khashoggi, who was killed and dismembered in the Saudi consulate in Istanbul last October. His body has yet to be found.