WhatsApp Ask 1.5 Billion Users to Update App After Cyber Attack
http://www.hrlnews.com/2019/05/whatsapp-asks-15-billion-users-update.html
WhatsApp on Monday urged all of its 1.5 billion users to update
their apps as an added precaution against hackers who remotely install
surveillance software on phones and other devices.
According to reports, the hackers were able to operate using a major vulnerability in the messaging app.
WhatsApp, which is owned by Facebook, said the attack targeted a
“select number” of users, and was orchestrated by “an advanced cyber
actor”.
A fix was rolled out on Friday.
The attack was developed by Israeli security firm NSO Group, according to a report in the Financial Times.
The attack was first discovered earlier this month, according to the BBC.
It involved attackers using WhatsApp’s voice calling function to ring
a target’s device. Even if the call was not picked up, the surveillance
software would be installed, and, the FT reported, the call would often
disappear from the device’s call log.
WhatsApp told the BBC its security team was the first to identify the
flaw, and shared that information with human rights groups, selected
security vendors and the US Department of Justice earlier this month.
“The attack has all the hallmarks of a private company reportedly
that works with governments to deliver spyware that takes over the
functions of mobile phone operating systems,” the company said on Monday
in a briefing document note for journalists.
The firm also published an advisory to security specialists, in which
it described the flaw as: “A buffer overflow vulnerability in WhatsApp
VOIP stack allowed remote code execution via specially crafted series of
SRTCP packets sent to a target phone number.”
Reactions: |