The Israeli security surveillance company Wintego is offering a system called CatchApp that is able to intercept WhatsApp messages.
CatchApp Captures WhatsApp Messages
The Israeli surveillance vendor Wintego offers a new system that is able to intercept and display encrypted WhatsApp messages. The only requirement is that the device is placed close to the target Wi-Fi network. The device is an all-in-one unit that can gain access to the target devices. It features support for a variety of use-case scenarios, extended operating ranges and multitasking.
The information about CatchApp was reported after Forbes published a brochure of the system. This is a non-public offering from the Israeli security company called Wintego. The source that provided the documents stated that the system is capable of working even on the most current versions of the messaging application.
The device fits in any standard backpack and can run for four hours on its internal battery. A laptop or tablet can be used to control its functions wirelessly. This makes it very useful when wardriving or following targets during their daily commute.
The product can connect to four Wi-Fi access points at the same time and supports both popular Wi-Fi frequency bands, 2.4 GHz and 5 GHz. The built-in antennas are high-gain so that even distant signals can be intercepted.
The surveillance device is a complete system that allows its users to obtain the entire contents of the target mobile devices, including chat sessions, email accounts, social network profiles, contact lists, calendars, photographs, web browsing history and activity, files and more. The intrusion is carried out as a man-in-the-middle attack that intercepts the traffic between WhatsApp and the remote servers.
The solution uses two modules that function in the following modes:
- Advanced Wi-Fi Interceptor – The device captures device traffic on open Wi-Fi networks and on WEP/WPA/WPA2 encrypted ones, including traffic from any devices that are not connected to any network. This works with laptops, tablets, and mobile phones.
- Cyber Data Extractor (DEX) – This mode uses several methods to overcome the encryption and security measures of various web accounts and applications in order to obtain the target's login credentials (usernames and passwords). The built-in engine supports various operating systems, browsers, and applications. The proprietary method obtains the data without alerting security products.
There are no known confirmed demonstrations of the system, and security experts suspect that various state agencies may be using the product.