Hackers exploit WhatsApp's

in Blog

Hackers Exploit WhatsApp’s 0-day Vulnerability to Spy on Phones

WhatsApp has recently patched up a flaw in its security system that allowed hackers to secretly install spyware on a few “selected” smartphones. The attacker spied on the user of the phone by simply placing a WhatsApp audio call on target phone numbers.

This ‘Pegasus spyware’ is developed and weaponized by the Israeli company NSO Group and is by far known to be the most advanced mobile spyware. It gets installed in Android and iOS devices through the WhatsApp exploit.

This spyware allows attackers to discreetly access massive amounts of data from the victim’s smartphone device, such as tech messages, emails, contact details, call record, location, microphone, and camera.

As per the advisory published over on Facebook, this vulnerability in WhatsApp VOIP allows the hackers to put in arbitrary codes on the victim’s phones by sending a designed series of SRTCP packets.

The security loop which is identified as CVE-2029-3568 can successfully execute the installation of spyware and steal data from a victim’s device merely by placing a WhatsApp call even if it goes unanswered.

The target remains oblivious to the intrusion until after the spyware erases the “incoming call” portion of the logs.

Although it is not fully known what the exact number of WhatsApp users were victimized it has been deduced by the engineers that the NSO Group spyware was only after a few target numbers of users.

The Citizen Lab and a watchdog group at the University of Toronto who is interested in the NSP Group activities believe this new attack was launched to target a UK-based human rights lawyer recently on Sunday.

There is history present on this spyware being used against human rights activists and journalists from Mexico all the way to the United Arab Emirates. A Saudi human rights worker, working abroad and the Amnesty International staffers in Saudi Arabia has also been victims of this nasty spyware.

WhatsApp is now urging its users to upgrade their apps to the latest version available as well to patch up and update all the security features of this device. This is because all the versions of WhatsApp apart from the most recent version on iOS and Android were affected by the malware.

This means that roughly 1.5 billion WhatsApp users were affected by the flaw until Facebook finally managed to patch. According to Facebook:

“The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15,”

According to the FT teams of engineers ceaselessly worked in San Francisco and London to get rid of the vulnerability. The security patch was released on the servers on Friday while the patch became available for the users on Monday

The NSO Group, when asked about a statement on the report said that it allows the government agencies to use its technology “for the sole purpose of fighting crime and terror.” They furthermore added that the system is not run by the group itself even though they have a strict licensing and vetting process. As said by the company:

“We investigate any credible allegations of misuse, and if necessary, we take action, including shutting down the system. Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,”

WhatsApp engineers had discovered and long since disclosed the information about the vulnerability to the Department of Justice earlier this month. They now are fervently encouraging the user’s to update the application.

Write a Comment

Comment

22 Comments