Saturday, 17 August 2019
Latest news
Main » WhatsApp call exploit let attackers slip spyware on to phones

WhatsApp call exploit let attackers slip spyware on to phones

14 May 2019

A vulnerability in the messaging app WhatsApp let attackers install spyware on the users' phone, reported BBC News.

WhatsApp is scrambling to determine the impact of a now-patched vulnerability in its iPhone and Android apps that allowed hackers to inject spyware into users' devices.

Engineers at Facebook scrambled over the weekend to patch the hole, designated CVE-2019-3568, and freshly secured versions of WhatsApp were pushed out to users on Monday.

Amnesty, which was targeted along with several human rights lawyers by the WhatsApp exploit, is working with a group of Israeli citizens and a civil rights group on a legal action to force the Israeli Ministry of Defense to revoke NSO Group's export license, claiming the company's flagship product, called Pegasus, is risky and prone to abuse - and that NSO deliberately sells it to repressive governments. Keeping the app updated should keep you safe from this particular spyware.

WhatsApp was targeted by an Israeli company that provides hacking tools to Saudi Arabia and installed malware on targets phones by simply calling their number, according to reports. The report said that calls could disappear from the call log, transmitting the spyware to the unwitting victim.

The company said the attack has the hallmarks of a private company that reportedly works with governments to deliver spyware that takes over the functions of mobile phone operating systems.

The messaging company said it has briefed human rights organisations on the finding, and notified USA law enforcement to help them conduct an investigation. The code that enabled the attack, is a commercial spyware created by Israeli company NSO group.

Its flagship software, Pegasus, has the ability to collect intimate data from a target device, including capturing data through the microphone and camera, and gathering location data.

The organisation is fighting for the NSO group to have its export license withdrawn by Israeli government.

"Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is exclusively operated by intelligence and law enforcement agencies", it continued.

"NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics".

Amnesty International, which has previously reported being targeted by the software, is now supporting legal action that would compel the Israeli Ministry of Defence to revoke the export license of NSO Group due to its "chilling attacks on human rights defenders around the world".

WhatsApp call exploit let attackers slip spyware on to phones