PAUSED
DOUBLE CLICK TO RESUME
LOADING
Hackers Exploit WhatsApp
Hackers used WhatsApp to spy on people

WhatsApp exploited!


WhatsApp is owned by Facebook and currently has 1.5 billion users.

One of the most controversial aspects of this app is it markets itself as one of the most secure communication apps around.

Is it secure though? They claim their end-to-end encryption makes it an incredibly powerful application.


What Happened

Hackers were able to remotely download surveillance software on victims' devices which allowed them to access the microphone, camera and more.

It involved attackers using the voice calling function to ring a target's device.

Even if the call was not picked up, the surveillance software could be installed.

This exploit had been around for a dangerous amount of time as the WhatsApp team themselves claim they discovered it first in early May.

Apparently, the information was shared with specifically chosen human rights groups and security vendors including the US Department of Justice.


The Vulnerability

The company described the flaw as "A buffer overflow vulnerability in WhatsApp's VOIP"  (voice over internet protocol).

Prof Alan Woodward from the University of Surrey explained it as the following: "A buffer overflow is where a program runs into memory it should not have access to. It overflows the memory it should have and hence has access to memory in which malicious code can potentially be run."


whatsapp-app-icon.jpg


The Targets

A large question left is, who was targeted? WhatsApp claimed that only specific people were targeted which may have significant information on their device such as Journalists.

We are unsure of exactly who was targeted as it has currently not been disclosed.

The firm warned all users to update the app in case anything including conversations and more were compromised as they have fixed the issue.


The attackers are referred to as the NSO Group, previously known as "cyber-arms dealers."

NSO's flagship software, Pegasus, has the ability to collect intimate data from a target device, including capturing data through the microphone, camera and gathering location data.

In a statement, the group said: "NSO's technology is licensed to authorized government agencies for the sole purpose of fighting crime and terror.


Do you think Whatsapp did enough?
 Let us knoW down below in the comments!

Comments
Papillon
6 days ago
Well good thing I don't use WhatsApp.