[ad_1]
A vulnerability in the Facebook WhatsApp messaging application has allowed attackers to spread surveillance software on iPhones and Android smartphones in a simple phone call, the Financial Times recently reported.
Unfortunately, there does not seem to be any sure way to check if software has been affected by the monitoring software. However, users can look for some signs that might be useful in determining whether a mobile device is unknowingly manipulated by a third party.
"One is trying to watch the changes on your mobile device," said Domingo Guerra, a mobile security expert with Symantec antivirus software manufacturer. "If the use of the battery seems to be completely different from the one that has occurred recently, or if the device is warming up because it may be sending and receiving a lot of data, there are signs that the device is compromised. "
Updating the latest version of the WhatsApp app on your smartphone and constantly updating your mobile phone's operating system are essential steps if you think your device may be affected.
WhatsApp discovered the vulnerability this month and quickly solved the problem. But the company did not specify how many people out of 1.5 billion users of the application would be affected. When asked if WhatsApp users can tell if their device has been impacted or not, a company spokesman has issued the following answer:
"Given the limited information we collect, it is difficult for us to say with certainty the impact on specific users.We will work with human rights organizations experienced in monitoring the work of cyber-actors. We encourage all users to update WhatsApp and keep their mobile operating system up-to-date. "
The malware was developed by the NSO group, according to the Financial Times, a controversial security company that is developing a product called Pegasus, capable of activating the camera and microphone of a device and cleaning emails . The company markets its products to governments and intelligence agencies.
As the type of malware used in this attack is usually very expensive and is usually sold to governments and intelligence agencies, the average individual has no reason to be worried, says Jay Rosenberg , security researcher at Kaspersky Labs, antivirus software publisher. .
"It's a government-level malware that costs millions of dollars," he said. "Unless you are targeted by a government, you really have nothing to worry about – your average cybercriminal does not do it."
Nothing indicates that it is a large-scale attack, but NSO Group software has already been encountered in previous attempts to compromise devices owned by activists. In 2016, for example, Ahmed Mansoor, a prominent human rights activist, received text messages with links that would have allowed NSO Group's surveillance software to be installed on his phone.
Tools such as Apple's Screen Time feature makes it easier to track the most frequently used apps on your phone. According to Guerra, this could be an important tactic to detect potentially malicious behavior if your device was affected by an attack.
But a more reliable way to detect external manipulations may be to determine which applications absorb the most battery life and data. Indeed, applications running in the background might not show up in applications such as Screen Time, explains Guerra. Keeping track of your regular use of data can be particularly critical because a tip in data transfers may indicate that something is wrong.
Guerra suggests regularly checking settings such as data usage and battery usage to better detect unusual situations. It also suggests uninstalling applications that you do not use regularly to limit the number of programs that can collect your data. It is also important to back up your device regularly to make the transition to a new phone as transparent as possible in case your phone is compromised.
"[Our smartphones] could be the perfect spy tool, "said Guerra. It has front and back cameras, it has microphones, it has a GPS so your location, your schedule. . . But this data is of no use to anyone trying to spy on you while it stays on your device. So, regardless of the device being registered or being collected, it must be relayed to the attacker. "
[ad_2]
Source link