WhatsApp vulnerability allowed secretive installation of spyware

WhatsApp told PCMag it had identified the vulnerability earlier this month and promptly fixed it with patches that can be downloaded for both the iOS and Android versions of the app.

Some WhatsApp users may have had their phones infected with sophisticated spyware through a missed in-app call alone, the company says.

WhatsApp said it was too early to know how many users had been affected by the vulnerability, although it added that suspected attacks were highly targeted. A bug in the VoIP function could let the attacker send specially crafted data packets to essentially rewrite the app's memory, paving the way for remote code execution.

WhatsApp was targeted by an Israeli company that provides hacking tools to Saudi Arabia and installed malware on targets' phones by simply calling their number, according to reports.

Amnesty, which was targeted along with several human rights lawyers by the WhatsApp exploit, is working with a group of Israeli citizens and a civil rights group on a legal action to force the Israeli Ministry of Defense to revoke NSO Group's export license, claiming the company's flagship product, called Pegasus, is unsafe and prone to abuse - and that NSO deliberately sells it to repressive governments.

Now it seems that a WhatsApp call could be just as unsafe, especially if that call is being placed on an activist's or lawyer's phone.

The code could be transmitted even if users did not answer their phones, and a log of the call often disappeared, the Financial Times reported.

There are concerns that the software was used in attempts to access the phones of human rights campaigners, including a UK-based lawyer.

WhatsApp said the attack had all the hallmarks of a private company known to work with governments to infect phones. "We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society".

In a statement, the group said: "NSO's technology is licensed to authorised government agencies for the sole objective of fighting crime and terror".

Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is exclusively operated by intelligence and law enforcement agencies.

According to Facebook's latest figures, WhatsApp has around 1.5bn users worldwide.

In 2016, NSO Group was accused of providing spyware to nation-states to steal data from activists' iPhones.

Human rights organisation Amnesty International is behind legal action to revoke the NSO Group's export licence in Israel, after an Amnesty staff member was targeted last August by Pegasus.
