Photo via Hernan Pinera/Flickr (CC-BY-SA)
An Israeli hacking firm is selling software that intercepts data and breaks encryption from WhatsApp, the popular messenger used by over 1 billion people around the world, according to a new report in Forbes.
The surveillance tech, known as CatchApp, "provides complete access to all of a target's WhatsApp content," according to the marketing material from Wintego, the Israeli firm selling the product.
CatchApp, which can target 95 percent of current smartphones, promises man-in-the-middle interception of WhatsApp messages ("achieved in any of various ways") and then "unprecedented" decryption of the messages.
The product was discovered when an anonymous source handed over Wintego's marketing materials to Forbes, adding that it was being sold to police in 2016.
There is no specific information about how any of this is done or if it even still works with the latest versions of WhatsApp, which boasts much more robust security capabilities than previous iterations. Neither WhatsApp nor Wintego responded to requests for comment.
WhatsApp encryption is used by Signal, the gold standard for encrypted messaging apps. Signal developers did not respond to a request for comment.
Due to the vagueness of the marketing materials and the silence from all parties involved, it's not clear if CatchApp affects current versions of WhatsApp or similar secure communications apps. It may be that the material is old or vastly embellished to push sales.
What the Forbes report does do is shed light on the booming professional spying industry, which includes companies like Wintego, Hacking Team, and NSO Group. Governments and private entities increasing paying millions to these "offensive hacking" cyber-mercenaries that are often shrouded in secrecy.
Contact the author: Patrick Howell O'Neill, firstname.lastname@example.org