Alert: WhatsApp Spyware Found on Many Phones – Update Your WhatsApp App Now!

Alert_ WhatsApp Spyware Found on Many Phones - Update Your WhatsApp App Now!
Share the knowledge

WhatsApp is urging users to update to the latest version of WhatsApp ASAP, after it was revealed that WhatsApp spyware – believed to be the handiwork of Israeli cyber company NSO – has been installed on countless phones.

WhatsApp Statement on WhatsApp Spyware

The WhatsApp statement on the issue says that “The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems. We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society.”

NSO, who denies involvement, is perhaps best (or at least most recently) known for their Pegasus software, which was implicated in the events leading up to journalist Jamal Khashoggi’s death. In that case it is believed that Pegasus was installed on the phone of a friend of Khashoggi’s, Omar Abdulaziz, when Abdulaziz clicked on a link in a fake DHL text message. Once Pegasus was installed on his phone it allowed the Saudis to spy on his communications with, and thus lead them to, Khashoggi.

Now NSO is suspected of creating the spyware that has been installed on an unknown number of WhatsApp phones. In a statement to the Financial Times, an NSO spokesperson said that “Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.”

While it is believed that the spyware is targeting journalists (sound familiar?) and advocates, the installation vector is so simple that WhatsApp and Facebook are urging everyone to install the WhatsApp update, to ensure that their phone is not infected.

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

How the WhatsApp Spyware is Transmitted to the Target Phone

Here’s how simple it is to infect a phone with WhatsApp installed:

1. The person who is targeting someone with the spyware calls the target’s phone with WhatsApp via their VoIP connection.

2. There is no 2. That’s how simple it is. The target doesn’t even have to answer the phone.

Because the call is going over the Internet (VoIP stands for Voice Over Internet Protocol), it turns out that it is very easy to send the spyware from the originating phone to the target’s phone.

A security advisory posted by WhatsApp parent company Facebook reads:

CVE-2019-3568
Description: A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.

Affected Versions: The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Last Updated: 2019-05-13

Again, all persons who have WhatsApp installed on their phones are urged to update the app immediately.

Or, you know, uninstall it.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.