It has been confirmed that in messaging app Whatsapp hackers were able to remotely install surveillance software on the phones as well as other devices using a significant vulnerability. WhatsApp, owned by Facebook supposed that the attack targeted a particular number of users and was orchestrated by an advanced cyber actor. On Friday, a fix was rolled out, and as per the report by the Financial Times, the attack was developed by Israeli security firm NSO Group.
Yesterday WhatsApp requested all its 1.5bn users to update their apps as a precautionary measure. This attack was initially discovered earlier this month, and it involved attackers using WhatsApp’s voice calling the function to ring a target’s device. Even if the target did not pick the call, the surveillance software would be installed, and the call would often disappear from the device’s call log too.
WhatsApp told media that its security team was the first to notice this flaw and shared details with human rights groups along with selected security vendors and US Department of Justice previous this month. On the other side It also in print an advisory to security specialists in which it clarifies the flaw ‘a butter overflow vulnerability in WhatsApp VOIP stack permitted remote code execution via specially crafted series of SRTCP packets which were sent to target phone number.’
The group behind the software
The NSO Group is an Israeli company that was also known in the past as a cyber arms dealer. Its flagship software, Pegasus has the capability to gather intimate data from a target device counting capturing data through the camera as well as microphone and also collecting location data too. In a statement by the group ‘NSO’s technology is licensed to authorized government agencies for the sole purpose of fighting terror and crime. The company does not operate the system and after a rigorous licensing and vetting procedure. Intelligence and law enforcement determine how to utilize technology to support their public safety missions. We enquire any credible allegations of misuse, and we take action counting shutting down the system.’
‘Under no situations would NSO be linked in the operating or identifying the targets of its technology which is solely functioned by intelligence and law enforcement agencies. NSO would not or could not utilize its technology in its own right to target any organization or else a person.’
Who was targeted?
According to messaging App WhatsApp, it’s too early to tell how many users were targeted or have been affected by the vulnerability. However, it added that suspected attacks were highly targeted. As per the company’s latest figures, WhatsApp has about 1.5bn users worldwide. On the other hand, Amnesty International supposed that it had been targeted by tools created by the NSO group in an earlier period and this attack was one human right groups had long feared was doable.
Deputy program director for Amnesty Tech, Danna Ingleton, said that ‘they are able to infect phone without you actually taking an action.’ She also added that there was escalating proof that the tolls were utilized by regimes to keep major activists as well as journalists under surveillance. She added that ‘NSO group sells its product to governments who are well known for outrageous human rights abuses, offering them the tools to track critics and activists.