WhatsApp – a free messaging service owned by Facebook – recently reported that surveillance software attack had been detected, affecting an unknown number of users. But how did the attack happen in the first place and how will it affect users?
Details have emerged concerning a attack that allowed an ‘advanced cyber actor’ to install surveillance software on an unknown number of WhatsApp user devices. What stands out about this particular attack is that the software was installed without any interaction from victims – typically a software is installed when a user downloads an infected file, or clicks on a malicious web link.
In this instance, attackers were able to use the voice call function to install the software and it would install regardless of whether the targeted individual answered the call. Evidence of the call was then wiped from the call log.
To protect themselves, anyone using WhatsApp should update the app to the latest version which has resolved the flaw. However there are greater implications here, as explained in the Daily Mail by DynaRisk’s CEO, Andrew Martin.
“Generally speaking, all other hackers start looking into the remote code execution vulnerability where any action can be executed. This is an important vulnerability as it can be used on any phone and requires zero interaction as they don’t need to click anything for the software to install itself. When you make a call it opens a connection to the phone and sends over a stream of data and this can, reportedly, be manipulated.”
Andrew will also be discussing the topic on LBC London, 14 May 2019. Tune in to find out more!