WhatsApp’s Security Breach: Made in Israel, Implemented Worldwide

IMAGE: The European Union Times

Bibi Netanyahu at a cybertech conference in 2019 freely boasted that Israel’s “NSA, called unit 8200, is the second largest in the world and is the Second Eye of the Five Eyes.” That’s a rather astonishing claim for a nation with only 8.7 million people.

Netanyahu went on explain that all the major I.T. companies have major research centers in Israel. This includes virtually all of the heavy-handed social media censorship venues.

At minute 00:04:53 in the following video, Bibi describes why this is happening — namely, because they have a defense industry; and, specifically, military intelligence [at 00:12:12] used to leverage these I.T. industries. Accordingly, Israel is now No. 2 in the “cyber security industry,” which is a defacto intel operation that’s publicly funded and privately operated.

One answer to the question of “why” is because the development of cyber skills is a state priority for Israel. Most Israeli cybersecurity firms recruit former intelligence officers, mainly from a military unit called 8200 — considered the largest unit in the Israeli Defense Forces.

Many founders of these cyber security companies — like Argus, Check Point and Cyber ​​Ark — spent their compulsory three-year military service in the elite Unit 8200. This secret intelligence body that operates hacker groups is rumored, among other things, to have been behind the Stuxnet attack on Iran’s nuclear research infrastructure in June 2010.

“It’s important to understand that soldiers serving in intelligence units are gaining extremely practical training,” says Amitai Ziv, senior high-tech editor at the Israeli newspaper The Marker. “Starting from day one after their training, they are tasked with real systems to break into across the globe.”

Abuse of Technology Meshed with Intelligence

One of these larger outfits is NSO Group, founded in 2010. It claims it only supplies industry-leading surveillance software to governments. NSO says its software is for tackling terrorism and serious crime. What it’s actually used for could be anybody’s guess. The software has been licensed to dozens of countries, including Saudi Arabia, Mexico, Bahrain and the UAE.

Facebook-owned tech firm WhatsApp announced that it had to patch a security hole in its messaging service, which it believed had been exploited by Israel-based NSO Group. The security flaw would have allowed spyware to be placed on a person’s mobile phone simply via a missed WhatsApp call.

Read “WhatsApp sues Israel’s NSO for allegedly helping spies hack phones around the world”

Hackers accessed data from 29 million Facebook accounts as part of the security breach, which included the names, email addresses and phone numbers of 29 million accounts. From 14 million of those hacked accounted, additional data was obtained, such as hometown, date of birth, the last 10 places they checked into and the last 15 searches.

The link was part of “a network of digital infrastructure comprising more than 600 suspicious domains used to lure targeted individuals to click on links that trigger infection with Pegasus spyware.”

The program can now run on a targeted device without requiring any interaction by the user. This means the operator of the spyware can send it directly to a phone through SMS, email, social media and certain types of apps.

A huge leak in July 2021 revealed 50,000 phone numbers that had been targeted by Pegasus malware, including French President Emmanual Macron and friends of family of Saudi journalist Jamal Kashoggi in the lead up to his murder in 2018.

NSO has not denied the reports. Instead, it blamed others, stating that it “would not or could not use its technology in its own right to target any person or organization.”

But here on the first entry in a Google search is a site called Pegasus Hacker that advertises its services as trusted by 40,000 users.

In 2017, Mexican journalists were targeted by NSO intrusion software.

The abuse of WhatsApp’s loophole is just the latest of many that are being blamed on Israeli cyber spying companies. Keep in mind that Pegasus says they want to prevent crime. Instead, it appears to be facilitating large-scale hacking and snooping attacks.

In August, a threat actor began emailing recipients, telling them that their iPhone device was hacked with a “zero-click” vulnerability to install the Pegasus spyware software.

The scammer says that they have been using Pegasus to monitor the recipient’s activities and have created videos of them during “the most private moments” of their lives. The email warns that if a 0.035 bitcoin (approximately $1,600) payment is not paid, the threat actors will send the videos to the recipient’s family, friends and business associates.

You can read the full text of this email below.

Hi there

Hello, I’m going to share important information with you.

Have you heard about Pegasus? You have become a collateral victim. It’s very important that you read the information below.

Your phone was penetrated with a “zero-click” attack, meaning you didn’t even need to click on a malicious link for your phone to be infected.

Pegasus is a malware that infects iPhones and Android devices and enables operators of the tool to extract messages, photos and emails, record calls and secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Facebook, Telegram and Signal.

Basically, it can spy on every aspect of your life. That’s precisely what it did I am a blackhat hacker and do this for a living. Unfortunately you are my victim. Please read on.

As you understand, I have used the malware capabilities to spy on you and harvested datas of your private life.

My only goal is to make money and I have perfect leverage for this. As you can imagine in your worst dream, I have videos of you exposed during the most private moments of your life, when you are not expecting it.

I personally have no interest in them, but there are public websites that have perverts loving that content.

As I said, I only do this to make money and not trying to destroy your life. But if necessary, I will publish the videos.

If this is not enough for you, I will make sure your contacts, friends, business associates and everybody you know see those videos as well.

Here is the deal. I will delete the files after I receive 0.035 Bitcoin (about 1600 US Dollars). You need to send that amount here bc1q7g8ny0p95pkuag0gay2lyl3m0emk65v5ug9uy7

I will also clear your device from malware, and you keep living your life. Otherwise, shit will happen.

The fee is non negotiable, to be transferred within 2 business days.

Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.

I will monitor your every move until I get paid. If you keep your end of the agreement, you won’t hear from me ever again.

Take care.

An investigation by Ziv put in the spotlight Israeli cyber company Candiru. The secretive firm has changed its name three times since 2014. It has no website. None of its estimated 120 employees have a LinkedIn profile, and its phone number cannot be found in directories.

Candiru offers its clients — strictly international, mainly from Europe — a thorough and complete cyber system that customers can use to see exactly how many targets have been penetrated by their hacks and what information has been exploited.

Another company named Logic, owned by Israeli businessman Mati Kochavi, signed a deal with an unknown Gulf state to implement border protection technologies and turn its capital into a “smart city.” Among other things, the system could trace the real-time movement of people throughout the capitol.

Vice News put up a clip of a report that looked into the Israeli cyber intrusion industry. It’s still up on YouTube — for now.

10 Comments on WhatsApp’s Security Breach: Made in Israel, Implemented Worldwide

  1. Isn’t a candiru a fish known for swimming into the urethras of humans and lodging there with spines? Interesting name choice…

  2. Mexico was the first place, the ‘testing ground’ for this software as well, which just shows the malevolent intent of Israel, and whoever is working with them- inside or outside US/US Gov. Nothing wrong with ‘Mexico’ per se, of course, but the corruption is rampant and it’s the most violent place in the world, statistically, with a state run top down by a Cartel-System merged with its security state. Not only that, but they’ve long built alliances with the Serbian/Balkan and Eastern/Chinese Criminal Syndicates, decades back, being coached by the old School Jewish/Italian Syndicate (see Saviano’s book ZeroZeroZero on this). So when Israel takes some advanced software like this, and plants it immediately in a place like that, adjacent to the US, they and whoever jointly decided to do that clearly had some sinister, treasonous, now basically genocidal ideation going on, especially looking at how it has aided in targeting journalists, border patrol agents, police, civilians, and helped ship Fentanyl and Meth, among other things (like human Trafficking) into/through the US.

    Then you look at these corrupt Israeli tech transfers of US military tech to China, and you see an international coalition of people committing this genocide, some of them working within the US, US Officials, pretending to blame just Israel for this stuff (there are so many articles acting confused about the Israel-China tech transfers over the past 30 years, yet zero consequences for Israel or China, ever) – when they never give them- or Mexico, or any of these syndicates- any real consequences, or implement any real solutions, such as legalization, and actual border policies, clamping down on dual citizenry & data/money laundering. The whole thing seems to be more of this ‘Janus’ style usage of a product- because security sure as hell has shit to do with it. Security for Narcotics and Gun Money. But other than that, this is a terror-weapon, all of them are- have absolutely nothing to do with ‘security’ of any kind. They have been used to empower Organized Crime & Terrorists, who are the same thing.

    1.) https://www.reuters.com/article/mexico-tech-surveillance-idUSL8N2PD6BQ

    2.) https://odysee.com/@UnlimitedHangout:a/James-Corbett:2

    3.) Now you’ve got one of these popping up- apparently the largest one they’ve seen- Pandora Papers Expose

  3. Bottom Line: This is 4th gen warfare we are experiencing, the enemy (the state) is going direct to the “hearts and minds” of its enemy via tech.

    There seem to be two types of people these days:

    Those that worship the state
    Those that worship god as creator of the state we chose

    The former are, at this stage, the enemy of the latter. Our closest enemy is not some autistic and twisted oligarch imposing his power, its that damn QuasiGovSchool administrator, or QuasiGovFood administrator To every single Quasi.Gov you can imagine….There’s 3.4 Tril awaiting them… But dont also forget that dimf#ck in HR that says I’m fired or my corporate overlord telling me I have to wear a mask over a deep fryer for 5 hours a day because QuasigovFood says so.

    • There is a third type of person, and that is people like me who don’t worship “god” or the state. I’m not going to worship a god that thought it was a great idea to create a world where evil rules and prevails. I worship neither, I don’t take sides….

  4. Any recommendations for good open source alternatives to Norton, Kapersky, and password managers, anyone?

    Nice uptick in reads coz of Revolver’s linking by the looks of it. Beattie’s a bit of an enigma, is ‘proud Jew’ and even just ‘Jew’ a shield?

Post a Comment

Winter Watch

Discover more from Winter Watch

Subscribe now to keep reading and get access to the full archive.

Continue reading