WASHINGTON DC, USA: WhatsApp confirmed on Tuesday that a security breach on its messaging platform had targeted a ‘select group’ of journalists, lawyers and human rights activists.
WhatsApp also urged its users to download the latest update for the app in order to protect themselves from the malware attacks.
WhatsApp promotes itself as a “secure” communications app because messages sent through the application are end-to-end encrypted. This means the messages are only displayed in a legible form on the sender’s or recipient’s device. The fact that hackers can easily break into digital communications has raised concerns about privacy.
Haris Ali Khan, a technology expert associated with Perth-based startup MiracleTek, said loopholes could be easily used to hack different devices.
“Though it is too early to comment on the nature of the vulnerability that allowed this breach, however, a quick probe into available information indicates that this occurred due to a loophole in the voice-over-internet protocol service that WhatsApp employs for its calls,” he said.
“Hackers successfully leveraged this flaw in VoIP to cause a buffer-overrun in the program and penetrated into the device operating system.”
The spyware was installed on a target’s phone simply by ringing it through the app’s call function. It worked even if the target did not answer the call. Hackers installed the spyware remotely, and it allowed them to control the device.
Owned by Facebook, WhatsApp is used by 1.5 billion people around the globe. The messaging platform said it had patched a security loophole that allowed spyware to be installed even via a missed call.
A spokesman for the company said the scope of the problem was unknown, but the number of affected individuals was at least in the dozens.
The Financial Times and TechCrunch identified the spyware as the product of the Israeli cybersecurity firm NSO. The group is famous for its software called “Pegasus”, which can hack smartphones. The malicious spyware can activate the microphone and cameras, collect location information and even send out emails and text messages.
WhatsApp discovered in early May that attackers were using zero day exploit developed by NSO Group that installed malware on a user's iPhone or Android phone simply by calling them. Target did not have to answer phone to be infected, and calls often disappeared from call logs https://t.co/rp6NHHWtiD
— Kim Zetter (@KimZetter) May 13, 2019
The NSO Group is one of the largest players in the business of making surveillance and hacking tools for governments and law-enforcement agencies.
WhatsApp confirmed that only a select group of journalists, lawyers, political activists and human rights defenders were targeted in the security breach.
The victims of the spyware included a Saudi dissident and several Mexican journalists. NSO is blamed for its role in selling hacking tools to the Saudi and Mexican governments to track and monitor the phones of those whom authorities see as “troublemakers”.
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ
— Citizen Lab (@citizenlab) May 13, 2019
WhatsApp said Citizen Lab, a research group at the University of Toronto, had notified it about the vulnerability before the incident.
NSO, for its part, did not comment on the WhatsApp security breach. A statement issued by NSO said the software was “strictly” licensed to governments and that the company would investigate any “credible allegations of misuse” of its technology. The NSO Group is currently facing four known legal cases, three in Israel and one based in Cyprus.
Freedom + Protection
2 things courageous people defending human rights urgently need. pic.twitter.com/zL9VcFGhjF
— Amnesty International (@amnesty) May 14, 2019
“NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics,” said Danna Ingleton, Deputy Director of Amnesty Tech.
Amnesty International, a London-based non-governmental organization focused on human rights, filed a petition with the District Court of Tel Aviv to revoke NSO Group’s export license.
The NSO Group came into the limelight in 2016 when researchers accused it of helping spy on an activist in the United Arab Emirates.