Attackers install government-grade spyware on phones using WhatsApp exploit


Attackers install government-grade spyware on phones using WhatsApp exploit


WhatsApp just fixed a vulnerability that permitted malicious actors to remotely install spyware on affected phones, and an unknown number reportedly did so with a commercial-grade snooping package usually sold to nation-states.

The vulnerability mentioned here was discovered by WhatsApp in early May, the company confirmed to TechCrunch. It apparently leveraged a bug in the audio call feature of the app to allow the caller to allow the installation of spyware on the phone or device being called, whether the call was picked/ answered or not.

The spyware in question that was detected as having been installed was Israel-based NSO Group’s  Pegasus, which is commonly licensed to governments looking to infect targets of investigations and gain access to various aspects of their devices or mobile phones.

This is, as you can imagine, an extremely dangerous security hole, and it is difficult to fix the window during which it was open, or how many people were affected by it. Without knowing accurately  what the exploit was and what data WhatsApp keeps regarding that type of activity, it can only be speculated.

The company said that it suspects a relatively small number of customers  were targeted, since it would be nontrivial to deploy, limiting it to advanced and highly motivated actors.

Once alerted to the issue’s existence, the company said it took less than 10 days to make the required changes to its infrastructure that would render the attack unworkable. After that, an update went out to the user or client  that further secured against the exploit.

“WhatsApp inspires people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” the company said in a statement.

So what about NSO Group? Is this attack their work as well? The company told the Financial Times, which first reported the attack, that currently it was investigating the issue. But it noted that it is careful not to involve itself with the actual applications of its software — it vets its users and investigates abuse, it said, but it has nothing to do with how its code is used or against whom.

WhatsApp did not name NGO in its remarks, but its suspicions seem clear:

“This attack has all the promises of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.”

Naturally when a app like WhatsApp finds that a private company has, potentially at least, been secretly selling a known and dangerous exploit of its protocols, there’s a certain amount of enmity. But it is all part of the 0-day game, an arms race to defend against or breach the latest security measures. WhatsApp notified the Department of Justice and “a number of human rights organisations” of the issue.

Lastly as a suggestion , you should always keep your apps up to date for situations like this, although in this case the problem was able to be fixed in the backend before clients could be patched.

admin

Please Keep Visiting this website for latest IT News and Updates, Tips, Urdu/ English Video Tutorials.

اردو میں مکمل فری کورسزآن لاءن دیکھنے اور فری ڈاون لوڈ کے لیے ہماری ویب سایٹ وزٹ کریں- اس کے علاوہ یہاں آپ کو انفارمیشن ٹیکنالوجی ، کمپیوٹر اور موباءیل سے متعلق بہت ہی مفید چیزیں ملیں گی

No comments:

Post a Comment