tech2 News StaffMay 15, 2019 17:48:19 IST
WhatsApp, the popular messaging platform with a global base of 1.5 bn users, has been affected with a vulnerability which lets hackers gain access to your phone.
WhatsApp has encouraged all its users to update to the latest version of the app and has claimed that this breach has been fixed.
What is the latest WhatsApp security breach?
The latest security loophole on WhatsApp, discovered earlier this month, lets hackers use a vulnerability in the app to install surveillance software on your phones. The WhatsApp voice calling feature is being used to call the target’s device and even if the target doesn’t pick up the call, the deed is done.
WhatsApp has noted that a buffer overflow vulnerability in the “WhatsApp VOIP stack” allowed for remote code execution “via a specially crafted series of SRTCP packets sent to a target phone number.” Put simply, the attacker would make a WhatsApp call on your number and the vulnerability in the WhatsApp VOIP stack would let malware be installed on your device, whether or not you received the call. The call won’t even show under missed calls as the hacker has the ability to remove it from call logs.
The affected versions include WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348 and WhatsApp for Tizen prior to v2.18.15.
Who has been affected by the WhatsApp security breach?
There is no clarity on who exactly has been affected by this breach. According to WhatsApp, it is too early to say, but it has shared this information with human rights groups such as Citizen Lab and Electronic Frontier Foundation (EFF) and select security vendors, in addition to the US Department of Justice.
According to a report in The New York Times, one of the persons targeted was a London-based lawyer who is helping a Saudi dissident in Canada, a Qatari citizen and a group of Mexican journalists and activists fight a case against the Israel-based NSO Group, which is being accused of being behind this attack. WhatsApp engineers have claimed that the digital footprint of this attack was similar to other tools used by the NSO Group. The lawyer said that his suspicions started growing after he started missing WhatsApp video calls from Swedish telephone numbers at odd hours.
Amnesty International has said that there is mounting evidence that these tools by NSO Group are being used by regimes to keep anti-establishment activist voices under control.
How to protect yourself from this vulnerability
WhatsApp has released an update to fix the vulnerability.
You will need to ensure that the Android variant of WhatsApp is version 2.19.134 or higher and for iOS devices, ensure that the app version is 2.19.51 or higher.
WhatsApp has sent out an update which apparently fixed the flaw.
“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a spokesperson said in a statement to AFP.
WhatsApp hasn’t revealed how many users have been affected with this exploit as well as who had targetted them. The matter has been reported to US authorities as well as the Data Protection Commission (DPC) in Ireland.
Who is the NSO Group?
NSO Group is an Israeli tech firm which specialises in making cyber-surveillance tools and is notoriously called a ‘cyber-arms dealer’. It has been accused of developing spyware for governments intent on snooping on activists and journalists. In 2016, researchers had found that the NSO Group were helping the UAE government to spy on an activist.
Journalists are often the victims of targeted attacks, with as many as 11 identified in our research into NSO Group’s Pegasus spyware pic.twitter.com/EooPoRLBtt
— Citizen Lab (@citizenlab) May 3, 2019
NSO Group is the brains behind the product Pegasus, which can reportedly switch on a target’s camera and microphone as well as access data on the device. The software is able to infect a user’s phone after a single click on a link in a fake text message grants it complete user access of the victim’s phone to NSO’s clients.
NSO Group claims that it makes software only for governments to help them fight crime and terror. According to a report in CNN, around 45 countries use NSO’s Pegasus technology. NSO Group also claims that it has the power to disconnect its products from use if they are used beyond the purposes of crime and terror detection — something that’s been dismissed by cyber-security experts.
According to cybersecurity experts, regular WhatsApp users are most likely unaffected by this attack, but it’s always a good idea to update your WhatsApp app to the latest version, just to be on the safe side.
Tech2 is now on WhatsApp. For all the buzz on the latest tech and science, sign up for our WhatsApp services. Just go to Tech2.com/Whatsapp and hit the Subscribe button.