Decrypted WhatsApp chats laid groundwork for Belgian terror raids

Firm handing over plaintext comms helped us, say Feds

The Belgian arrests of terror suspects on Monday were reportedly facilitated by decryption of WhatsApp user chats.

WhatsApp cooperated with US intelligence agencies to decrypt user chats before raids against alleged members of an ethnic Chechen jihadist group based in Belgium, Bloomberg reports.

Investigators said two people had been detained in the anti-terror raids following the interception of communications on WhatsApp’s messaging service. Warrants have been issued against three further suspects.

A militant who returned to Belgium wounded after fighting with the Al-Qaeda-affiliated al-Nusra Front seems to have spurred the original investigation.

WhatsApp metadata could have been used to map the connections between persons of interest and the wounded jihadi, prior to more intense and targeted surveillance against suspects.

WhatsApp began rolling out end-to-end (E2E) encryption of its messages last November with technology based on security researcher Moxie Marlinspike's WhisperSystems encryption protocol TextSecure.

However, this remains a work in progress. End-to-end encryption is not yet supported by the iOS version of WhatsApp, for example.

“Remember, WhatsApp on iOS is not encrypted e-to-e, and it's unclear if group chats on Android are encrypted e-to-e,” cautioned Christopher Soghoian, a principal technologist at the ACLU, in an update to his personal Twitter account.

Separately, it emerged that it might be possible to hijack WhatsApp accounts in seconds using a simple trick, first publicised on Hacker News. The attacker needs nothing more than a phone number of the target person and access to a mark’s mobile phone for a few seconds. Importantly, the ruse will work even if the device is locked.

Physical access to a target handset is required, a major obstacle. El Reg asked WhatApp’s PR department for comment earlier this week but is yet to hear back. ®




Biting the hand that feeds IT © 1998–2019