It was revealed today that a new single flaw is allowing hackers to install surveillance software by sending a phone request, without needing the victim’s response to it.
Both the UK National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency warned users to upgrade to the latest version of WhatsApp.
This new flaw was discovered when it allowed a government hacker to target human rights activists and lawyers by compromising mobile phones and installing commercial-grade spyware via a simple call request.
Cybersecurity researchers are saying that this never been seen cyber attack illustrates very well the dangers of zero-day vulnerabilities. The current one is incorporated in a spyware program named Pegasus, developed by Israeli cyber-offense firm NSO Group and sold to governments for surveillance purposes.
New evidence from a cyber investigation shows that a human-rights lawyer was targeted by this type of cyber attack, recently.
As usual, the parent company of WhatsApp, Facebook, gave very few details of the vulnerability or what happened.
The only good news here it’s WhatsApp fast response that acted quickly and blunted the impact of the cyber attack.
Which means that the company’s cybersecurity experts eradicated the exploit
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Surprisingly is the fact that the government hackers have chosen to burn this valuable exploit on such a small target like a lawyer. It is known that these kinds of exploits tend to not be cheap so unless they really did get to their intended victims and find whatever they were looking for, this was a potentially big fail on their part.
Experts say that the flaw appears ironically in WhatsApp’s most secured real-time transport protocol, or SRTCP, which is responsible for establishing connections between clients and allowing audio and video calls. In this case, the code used to handle incoming data is affected by a buffer overflow vulnerability.
For those who don’t know buffer overflow bugs are very common in code that parses incoming packets of complicated protocols due to the large attack surface.
Despite this new cyber attack, WhatsApp remains a secure messaging application. But the most secured app appears to be Signal which uses the ZRTP protocol instead of SRTCP and may be considered safer, while other messenger apps are recommended to be avoided.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.