By Ami Rojkes Dombe
It has become known to Israel Defense that an Israeli cyber company identified a vulnerability than enables the interception of communications from an instant message platform. The technology used for identification of the vulnerability is said to have been approved for export by the Defense Ministry
According to Israel Defense sources, an Israeli cyber company has uncovered a vulnerability in a popular instant messaging platform. It is said to be a zero-click bug, meaning that the user does not have to click on anything in order for the malware to be used.
The sources say that the vulnerability enables a Man-In-The-Middle Attack (MITM), namely the interception of communications from messaging platforms. It has also become known to Israel Defense that the technology for identifying the vulnerability has been approved for export by Israel's Defense Ministry.
It should be mentioned that under the January 2019 update of the Wassenaar Arrangement, a multilateral export control regime covering conventional weapons and sensitive dual-use goods and technologies, the Defense Ministry must conduct close scrutiny of such technology for any program before approving it for export.
Israel has yet to establish a clear policy regarding the exposure of vulnerabilities to manufacturers, as is done in the US. It was recently reported that the National Security Agency discovered a cryptographic vulnerability in Microsoft's Windows and Office programs. The vulnerability also affected the Chrome browser which uses Microsoft's verification function.
