The creators of two of the most prominent messaging apps – Telegram and WhatsApp – have both independently commented that NSO Group’s Pegasus phone hacking software is a real and present danger to all of us, as both have have had a nasty experience with such phone surveillance software.
WhatsApp, which was bought by Facebook and its founders quickly dismissed over arguments for the chat service’s future, is now headed by Will Cathcart, a former spam warrior over at Gmail who has been very eloquent on phone privacy threats like Pegasus for a while.
That’s partially because of a painful experience with the spyware. Just this past October, WhatsApp filed a lawsuit against NSO Group, the Israeli spyware firm behind Pegasus that managed to hack the accounts of at least 1400 prominent WhatsApp users in 2019 despite the end-to-end encryption of the chat app.
An Apple-Google duopoly is to blame about phones with Pegasus spyware
In fact, the founder of Telegram claims that Google and Apple may be purposefully nonchalant about these exploits, as they are requested by their government’s security agencies but just masked as innocent vulnerabilities when their use becomes notorious like with the current Pegasus scandal.
According to Mr Durov, the NSO Group’s defense that it only sells software like Pegasus to governments and their vetted security agencies, doesn’t hold water in the end as “anybody can exploit them.”
That’s precisely what happened with Pegasus, whose ingenious software made its way not only onto phones of criminals and terrorists but rather also prominent opposition leaders, investigative journalists, human right advocates, and even heads of state like prime ministers, presidents, and a king.
Telegram’s founder should know, as he has been resisting the advances of Russia’s notorious security agencies to implement a backdoor in Telegram so that they can snoop on opponents. The encrypted chat app’s immense popularity at its home turf, however, and some hide-and-seek games with the Russian regulatory authorities, managed to make the Telegram ban in Russia a ban in name only, until they finally gave up on the backdoor request, at least officially.
Mr Durov wasn’t so lucky when it comes to the Israeli software, though, as he suggests he has known one of his numbers to be compromised by a Pegasus-like software since 2018, yet he’s not very worried as there’s no “important information” to find. Moreover, while living in Russia he assumed all of his phones are compromised in one way or another. He, however, is worried that:
This is actually almost verbatim what the WhatsApp CEO has been requesting in his open letter to governments since the Pegasus attack on its users in 2019. Needless to say, nobody does anything until they are personally affected by the spyware, says Durov:
Will the Pegasus debacle move the phone privacy and security needle in the right direction? Apple already issued a statement that lamented the unauthorized spyware usage, saying that:
Apple’s “limited in scope” statement about the iPhones hacked with Pegasus spyware, however, is precisely what the WhatsApp and Telegram bosses warn against – complacency – so we’ll see where that road takes its users who have mostly bought into “the iPhone is the most secure phone” mantra hook, line, and sinker.