Funny that. Just a couple of weeks ago, I wrote:
The spy in your ‘puter or ‘phone … Some of that is P2P communications software like Microsoft’s skype or Facebook’s whatsapp, that should be prime vehicles for Aussie-style targeted espionage.
Suppose you’re a government spy agency that has leaned on whatsapp to introduce your spyware. You want to get everyone to update to a version with the spyware. How do you go about it? How about an announcement of a serious security flaw in earlier versions to persuade everyone who might have something to hide to make the upgrade?
As reported, the whatsapp flaw was already at a much deeper level than just spying on whatsapp traffic (as per my earlier comment): it was used to install some of the world’s most sophisticated spyware called Pegasus, developed by an Israeli company NSO and sold to government agencies for total surveillance on dangerous elements such as dissidents and human rights lawyers. The Reg article quotes a comment that kind-of summarises:
NSO Group has been bragging that it has no-click install capabilities for quite some time. The real story here is that WhatsApp found the damn thing.
— Eva (@evacide)
Indeed. Pegasus wasn’t new, and was thought to have been distributed by more conventional means (and no doubt was, to less-than-paranoid users). How did they make the connection between it and a critical whatsapp bug? One might speculate there was more to this story than is being told!
A good day to bury other security/spyware news? Golly, what a coincidence that Thrangrycat was also just announced. The perfect way to bury something more than the official lawful-intercept malware (wiretapping as required of them by the US Government) in Cisco routers, switches and firewalls, so deeply that future upgrades won’t affect it.
Wicked speculation: could it be the amount of work they’ve had to devote to supporting US Government spying requirements that caused Cisco to fall behind an unencumbered Huawei?