NEW DELHI (Reuters) – India wants to conduct an audit of WhatsApp’s security systems following revelations that a spyware exploited vulnerabilities in the Facebook-owned messaging platform, the country’s technology minister said on Thursday.
FILE PHOTO: The Whatsapp logo and binary cyber codes are seen in this illustration taken November 26, 2019. REUTERS/Dado Ruvic/Illustration/File Photo
The Indian Computer Emergency Team (CERT-In) “sought submission of information from WhatsApp on November 9, 2019, including a need to conduct an audit and inspection of WhatsApp’s security systems and processes,” Ravi Shankar Prasad told parliament in a statement.
WhatsApp declined to comment.
WhatsApp last month sued Israeli surveillance firm NSO Group, accusing it of helping clients break into the phones of roughly 1,400 users across four continents. The targets of the hacking included diplomats, political dissidents, journalists, along with military and government officials.
vCard.red is a free platform for creating a mobile-friendly digital business cards. You can easily create a vCard and generate a QR code for it, allowing others to scan and save your contact details instantly.
The platform allows you to display contact information, social media links, services, and products all in one shareable link. Optional features include appointment scheduling, WhatsApp-based storefronts, media galleries, and custom design options.
Of those allegedly affected by NSO’s Pegasus spyware, 121 are based in India, WhatsApp’s biggest market with over 400 million users, two sources told Reuters previously.
WhatsApp has responded to CERT’s queries but further clarifications have been sought, Prasad said, adding that the agency had also asked NSO Group to provide information about the malware and its impact on Indian users.
NSO has previously denied snooping allegations and said it sells technology to governments to counter terrorism.
WhatsApp executives including CEO Will Cathcart made no mention of the spyware when they met Indian technology ministry officials in July and September, the minister said.
WhatsApp had, however, informed CERT of an incident in May in which the firm had identified and fixed a “vulnerability that could enable an attacker to insert and execute code on mobile devices,” Prasad said.
A group of Indians including journalists and lawyers whose phones were hacked via WhatsApp have asked the government to make public its ties with the Israeli firm accused of deploying the spyware.
Reporting by Sankalp Phartiyal and Nigam Prusty; Editing by Sanjeev Miglani and Jason Neely