[ad_1]
WhatsApp has fixed a vulnerability that allowed malicious actors to remotely install spyware on affected phones, and an unknown number of them would have done so with a commercial-grade surveillance package typically sold to nation-states .
The vulnerability (documented here) was discovered by WhatsApp, a company owned by Facebook in early May, confirmed the company to TechCrunch. It apparently exploited a bug in the app's audio call feature to allow the caller to authorize the installation of spyware on the device called, which the ##################################################################################### Call was made or not.
The spyware in question that was found to be installed was owned by NSO Group based in Israel. Pegasus, who is usually (apparently) fired by governments looking to infect survey targets and access various aspects of their devices.
As you can imagine, this security hole is extremely serious and it is difficult to repair the window in which it was open or the number of people affected. Without knowing exactly what was the exploit and the data kept by WhatsApp regarding this type of activity, we can only speculate.
The company said it suspected a relatively small number of users to be targeted, as the deployment would be significant, which would limit it to advanced and highly motivated players.
Once alerted about the existence of the problem, the company said that it had taken less than 10 days to make the necessary changes to its infrastructure, which would make the attack inoperable. After that, a client update is secured against the exploit.
"WhatsApp encourages users to use the latest version of our app and keep their mobile operating system up-to-date to protect against potential exploits targeted at compromising information stored on mobile devices," said company in a statement.
So, what about the NSO group? Is this attack also their job? The company told the Financial Times, which reported the attack, that it was investigating the problem. But he noted that it is prudent not to get involved in the actual applications of his software – he controls his clients and investigates the abuses, he added, but that has nothing to do with how his code is used or against whom.
WhatsApp did not name NSO in his remarks, but his suspicions seem clear:
"This attack has all the features of a private company known to work with governments to provide spyware that would have taken over the functions of mobile phone operating systems."
Of course, when a security-focused application such as WhatsApp discovers that a private company has, at least potentially, secretly sold a known and dangerous exploit of its protocols, there is some enmity. But it's all part of the day's game, an arms race to protect or break the latest security measures. WhatsApp informed the Ministry of Justice and "several human rights organizations".
As WhatsApp suggests, always keep your applications up-to-date for such situations, although in this case the problem could have been resolved in the backend before the clients could be fixed.
[ad_2]
Source link