100 Taiwan Officials Compromised Following Japanese Messaging App Hack

Edward Kost
Edward Kost
August 2, 2021

Line, a popular Japanese messaging app with over 84 million monthly users, was breached resulting in the compromise of over 100 accounts belonging to Taiwanese political figures.

The hackers disabled Line’s end-to-end encryption feature called ‘Letter Sealing’ so that victim messages could be read.

The identity of the hackers is unknown at this stage. A nation-state group is likely responsible given the prestigious standing of the victims.

It’s speculated that the cybercriminals used the spyware solution Pegasus in the attack.

Pegasus was created by NSO Group, an Israeli security company that supplies government entities with technology that stops terrorist attacks.

The controversial spyware is under fire after a recent investigation by The Washington Post and 16 media partners revealed that Pegasus wasn’t being used to maintain a peaceful climate, but rather the opposite of that.

For more than half a decade, Pegasus was used by NSO clients to monitor journalists, silence critics, and threaten opponents.

France’s President Emmanuel Macron was among the 14 heads of state that had their phones infected by the software.

Potential victims have no way of knowing when they’re being targeted. A phone can become infected just by receiving a text message, without any link interactions.

Amnesty International has developed a tool called MVT (Mobile Verification Toolkit) that can detect whether your phone is infected with Pegasus.

This tool is available on GitHub. If you require setup assistance, these instructions will help.

Unfortunately, the MVT solution isn't scalable. The scanning software needs to be compiled for each assessed device, and this can only be done on either Linux or macOS

This breach has further defaced Line’s already blemished security reputation.

The messaging app provider permitted a Chinese affiliate to access its servers to support the development of an AI technology project.

The interaction allowed four technicians from a Chinese company to access user names, phone numbers, email addresses, and messages flagged as inappropriate in 2018.

Line assured its users that the accessed data was not maliciously used, and then blocked the Chinese company from further access in February 2021. This event is a potential breach of Japan’s privacy legislation which requires tech company’s to identify the specific countries that will be accessing user data.

Because Pegasus can infect devices so effortlessly, it’s unlikely that poor internal decisions facilitated this breach, though it’s still a possibility given Line’s recent headlines.

Line’s tumultuous history shines a spotlight on a disturbing reality usually eclipsed by other business affairs - vendor security cannot be trusted.

How secure is Line?

Line is Japan's most popular messaging app with over 85 million monthly users.
  • Check icon
    View our free preliminary report on Line’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
https://line.me/
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating