WhatsApp’s Director of Public Policy for Europe, the Middle East and Asia has talked about the espionage of Catalan independence leaders in the Generalitat. The messaging app has proven for the first time that the phone of the president of the Parlament of Catalonia, Roger Torrent, was attacked in 2019 by a suspected security fault. The Country and The Guardian have been informed of this through an email that has been made public via the Internet.

The European Public Policy Director, Middle East and Asia, Niamh Sweeney, from WhatsApp, sent a message to Torrent on Saturday to confirm that they had unduly attempted to access the independence leader’s phone. "Mr. Torrent's WhatsApp account was the subject of an unauthorized access attempt to data and communications during the device," the letter adds. "The aggressors tried to introduce a malicious code into Mr Torrent's WhatsApp application," the source added.

The Pegasus spy program was used between April and May 2019 in Torrent to steal mobile data from ERC Regional Deputy Ernest Maragall, former Member of the Anna Gabriel Cup and activist Jordi Domingo, and according to its creators, the use of the program can only be acquired by governments to prevent "crime and terrorism".

The WhatsApp management has ensured that the attack on Torrent took place thanks to a vulnerability called CVE-2019-3568, which has been arrested. This error allowed the installation of a virus, after simulating a lost voice call. NSO Group used this mechanism to place the Pegasus spy program on 1,400 phones around the world.

After confirming the attack, the WhatsApp address has acknowledged that it is not possible to know whether the Torrent mobile was finally hacked or not. In other words, it was possible to infect your terminal with Pegasus effectively: listen to conversations, read messages, access internal memory, perform screenshots, review browsing history and activate the camera and microphone of devices by remote control.

The operator of the company has stated that the forensic analysis of the Torrent mobile should be "exhaustive" to confirm possible hacking.