NEW: We found a spy company’s malicious, fake WhatsApp download page.

Technical analyses by Citizen Lab and Motherboard found links between the fake version of WhatsApp and Cy4gate, a provider of surveillance technology based in Rome, Italy. https://www.vice.com/en/article/akdqwa/a-spyware-vendor-seemingly-made-a-fake-whatsapp-to-hack-targets
A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets

Technical analyses by Citizen Lab and Motherboard found links between a fake version of WhatsApp and Cy4Gate, an Italian surveillance firm that works with cops and intelligence agencies.

https://www.vice.com/en/article/akdqwa/a-spyware-vendor-seemingly-made-a-fake-whatsapp-to-hack-targets
The company denied that the fake WhatsApp page and others linked servers have anything to do with them. But we found certs signed by the company and a login page that displays the company logo and the logo of their spyware product.
Here's a screenshot of the WhatsApp phishing page. If target clicked through a few screens, they'd download a malicious iPhone MDM profile designed to collect phone ID and IMEI, among other data.

It's unclear what the next step in the attack was, or who the targets were.
You can follow @lorenzofb.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.