// Hacking NEWS // A Vulnerability in WhatsApp Has Been Used to Spy On Smartphones Remotely

in news •  last month  (edited)

All it took was a VoIP call to install Pegasus, a particularly effective spyware program used by governments and law enforcement agencies around the world. An update of the messaging system is available.


If you are using WhatsApp, update your application as soon as possible. A critical flaw allows you to hack into any remote smartphone, whether it is under iOS or Android, simply by initiating a VoIP voice call. The targeted person does not even need to answer this call.

And it's not just a theory. According to The Financial Times, this breach was used just last Sunday by a customer of the Israeli publisher NSO to install the Pegasus spyware on the smartphone of a British human rights defender. The attack was blocked by WhatsApp who discovered the flaw at the beginning of May and has since deployed a patch on its servers.
The update of WhatsApp's client software is available as of Yesterday.

We don't know how many smartphones could have been infected by Pegasus thanks to this flaw. Once installed, this spyware can, among other things, siphon e-mails, SMS and photos. It can also access the microphone and camera in real time.

The malware was analysed in 2016 by researchers from CitizenLab and Lookout, after recovering a copy on the iPhone 5s of Ahmed Mansoor, an Emirati human rights defender.

CitizenLab research has also shown that Pegasus has been installed on the device of a Saudi-Canadian activist and on at least 25 smartphones in Mexico, including journalists, lawyers and politicians.

A flaw in the VoIP signalling protocol

Until then, the software used a succession of three zero-day vulnerabilities to hack into the device and required the target to click on an HTML link. In this case, it is obviously much simpler.

We do not yet know all the technical details of this flaw. A security alert published by Facebook nevertheless indicates that the bug was at the level of SRTCP (Secure Real-Time Control Protocol), the signalling protocol used by WhatsApp for VoIP communications.

Sending a series of specially trained SRTCP packets allowed, according to Facebook, to cause a buffer overflow and, thus, to execute arbitrary code remotely.

Source: The Financial Times, via The Verge

Stay Informed, Stay Safe



Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Haha.. very good choice of image :)

Posted using Partiko Android


It made me laugh too aha