[ad_1]
Earlier this week, it was reported that a vulnerability of the WhatsApp messaging service, widespread on Facebook, allowed attackers to spread spyware on smartphones via calls made through the application.
To do this, hackers exploited what is known as a buffer overflow vulnerability within WhatsApp, which the company quickly corrected and was reported for the first time by the Financial Times. A buffer overflow exactly matches what its name implies. This is a problem that can occur when an application is saturated with more data than it can store in its buffer or in a temporary storage space.
"A buffer overflow occurs when a programming error makes it possible to write more data to a given area of memory than can be stored," Business Insider Rik Ferguson, a vice president, told Reuters. President of Security Research at Trend Micro, a security software publisher. "The additional data enters the adjacent memory, corrupting or overwriting previously held data, and can cause outages, corruption or serve as an entry point for further intrusions."
In the case of the WhatsApp attack, hackers exploited the buffer overflow bug via the phone call feature of the application to inject spyware on smartphones without knowing it, a reported the Financial Times. The exploit would work even if the victim did not answer the call, says the report.
To understand how this is possible, it is useful to know how the WhatsApp call feature works. Like many popular email applications, WhatsApp uses a popular technology called Voice over Internet Protocol (VoIP), which allows users to make and receive phone calls over the Internet rather than through a standard phone line.
When you receive a phone call via WhatsApp, the application configures the VoIP transaction and the encryption that accompanies it, Ferguson said. It then informs the user of the incoming call and prepares to accept, decline or ignore the call based on the information entered by the user.
"I understand that the buffer overflow exploit occurs during this phase, which is why the recipient does not need to answer the call to be compromised" Ferguson said.
Buffer overflow vulnerabilities have been around for decades, even since the famous Morris Worm of 1988, widely seen as one of the first versions of the modern virus on the Internet. According to Ferguson, examples of buffer overflow exploits have been documented since 1972, and programming languages such as C and C ++ are particularly exposed to them, even nowadays. "Finding them is a difficult and successful operation, even more complex, but attackers and researchers still do it regularly," he said.
The malicious code used during the attack of WhatsApp was developed by the Israeli company NSO Group, which develops a product called Pegasus, able to activate the camera and microphone of a smartphone, says the report. The company's software has already been associated with attempts to manipulate devices belonging to activists. In 2016, for example, Ahmed Mansoor, a prominent human rights activist, received an SMS with a link that allegedly installed NSO software on his phone, discovered a monitoring organization, Citizen Lab.
WhatsApp has not specified how many applications 1.5 billion users have been affected, but this encourages all users to upgrade to the latest version of the application.
[ad_2]
Source link