This WhatsApp Flaw Helped Send Spyware with a Voice Call

On Friday last week, WhatsApp began rolling out a server-side fix, and on Monday it issued an update to users of the messaging app.

"A buffer overflow vulnerability in WhatsApp VoIP [voice over IP] stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number", said Facebook in an advisory on Monday.

WhatsApp is encouraging users to update to the latest version of the app after discovering a vulnerability that allowed spyware to be injected into a user's phone through the app's phone call function.

Attackers could transmit the malicious code to a target's device by calling the user, and the infection could take place whether or not the recipient answered the call.

Once installed, Pegasus can gain access to multiple aspects of a user's phone: it is able to turn on and collect data from the microphone and camera, and also get location logs, emails, and messages.

WhatsApp told PCMag it had identified the vulnerability earlier this month and promptly fixed it with patches that can be downloaded over both the iOS and Android versions of the app.

It has also alerted U.S. law enforcement to the exploit, and published a "CVE notice" to other cybersecurity experts alerting them to "common vulnerabilities and exposures".

Pegasus, the flagship software of the private Israeli company NSO Group, is said to have taken advantage of WhatsApp's voice call function to carry out the attack.

The Facebook subsidiary says "an advanced cyber actor" infected an unknown number of people with the malware, which it says it discovered in early May. "The company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions", NSO Group said. The company has said it obeys applicable laws. According to the Financial Times, WhatsApp already alerted the US Department of Justice about this attack last week.

The company also believes that only a relatively small number of users were targeted by the attack. "It's time to stop the use of NSO Group's tools to infiltrate, intimidate and silence civil society".

Justifying the decision to stop supporting these phones, WhatsApp said in a blog post: "As we look ahead to our next seven years, we want to focus our efforts on the mobile platforms the vast majority of people use".

Amnesty International, which said it had been targeted by tools created by the NSO Group in the past, said this attack was one human rights groups had long feared was possible.