WhatsApp Hit by VoIP Spyware Attack

Facebook-owned WhatsApp is the most popular messaging platform in the world with more than 1.5 billion active users. That makes it a big target for hackers, and one group reportedly discovered a vulnerability that allowed them to inject malware into phones. All they had to do was place a voice call.

We’re all familiar with the conventional security advice, such as don’t open suspicious attachments and don’t follow unknown web links. WhatsApp users didn’t need to do anything to end up in trouble with this bug, though. The attackers used VoIP calls in WhatsApp to transmit malware, and the target didn’t even need to answer.

WhatsApp says it identified the bug in early May, but it was already active in the wild. It rolled out a patch this week, but the company is still reluctant to talk about the specifics. This was no amateur operation, after all. Sources point to the notorious Israeli spy firm NSO Group as the perpetrator of the attack. NSO Group is known to work with governments to implant malware on targeted systems. WhatsApp reached out to several human rights groups to provide details about the bug when it realized what had happened, but NSO Group claims it wasn’t involved.

The only definitive information on the hack comes from the Facebook security advisory, which notes the hack leverages a type of bug called a buffer overflow. In these attacks, an attacker sends more data than a buffer in memory was sized to hold, so the excess is written into adjacent memory that the program never intended that input to reach. This can lead to crashes or allow the attacker to access critical system components.
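To make the bug class concrete, here is an added example (not WhatsApp's code and not taken from the advisory) of a parser that copies a sender-declared length without checking it, next to a version that validates the length first. The packet layout, the `call_frame` struct and both function names are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAYLOAD_MAX 64

/* Hypothetical layout (constructed): bytes 0-1 = payload length,
 * big-endian, chosen by the sender; bytes 2.. = payload. */
struct call_frame {
    uint8_t payload[PAYLOAD_MAX];
    size_t  payload_len;
};

/* Unchecked form: trusts the length field. A declared length above
 * PAYLOAD_MAX makes memcpy write past payload[] into adjacent memory. */
int parse_frame_unchecked(const uint8_t *pkt, size_t pkt_len,
                          struct call_frame *out)
{
    (void)pkt_len;                          /* never consulted: the bug */
    size_t declared = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(out->payload, pkt + 2, declared);
    out->payload_len = declared;
    return 0;
}

/* Hardened form: reject before copying anything. */
int parse_frame_checked(const uint8_t *pkt, size_t pkt_len,
                        struct call_frame *out)
{
    if (pkt == NULL || out == NULL || pkt_len < 2)
        return -1;                          /* header missing */
    size_t declared = ((size_t)pkt[0] << 8) | pkt[1];
    if (declared > pkt_len - 2)
        return -2;                          /* would read past the input */
    if (declared > sizeof out->payload)
        return -3;                          /* would write past the buffer */
    memcpy(out->payload, pkt + 2, declared);
    out->payload_len = declared;
    return 0;
}

int main(void)
{
    struct call_frame f;
    uint8_t big[2 + 100] = {0x00, 100};     /* constructed: declares 100 bytes */
    printf("oversized frame -> %d\n", parse_frame_checked(big, sizeof big, &f));
    return 0;
}
```

Both checks matter: the first stops the parser reading beyond the bytes actually received, the second stops it writing beyond the destination buffer.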

VoIP is not exactly a new technology, but the implementation in each app can be different. That provides opportunities for developers to inadvertently introduce vulnerabilities. WhatsApp features end-to-end encryption, ensuring that only the sender and recipient of a message can read it. The spyware injected by NSO Group allegedly allowed a third party to see the messages after they were decrypted on the user’s phone.

This attack was highly targeted, focusing on activists and human rights attorneys. So, odds are that no one will be placing a malware call to your device. That said, other bad actors might be able to work out the method used by NSO Group to carry out a less-targeted campaign. All WhatsApp users should upgrade to the latest version of the app, which has a fix in place for the VoIP attack.