WhatsApp 0-Day Flaw used to Secretly Install Spyware on Phones


WhatsApp has patched a severe vulnerability which was exploited by attackers to remotely install surveillance malware on some smartphones by making a call to the targeted phone numbers over WhatsApp audio call.

Israeli company NSO Group which produces the most advanced mobile spyware has discovered, weaponized and sold the WhatsApp exploit which installs Pegasus spyware on to Android and iOS devices.

Facebook has published an advisory according to which a buffer overflow vulnerability in WhatsApp VOIP stack allows remote attackers to execute arbitrary code on target phones by sending a specially crafted series of SRTCP packets.

The vulnerability, named as CVE-2019-3568, can be exploited to install the spyware and steal data from a targeted Android phone or iPhone by easily making a WhatsApp call, even when the call is not answered.

It is impossible for a victim to find out about the intrusion as the spyware deletes the incoming call information from the logs to operate secretly.

According to the WhatsApp engineers only few users were targeted by the NSO Group spyware using this vulnerability.

Citizen Lab, a watchdog group at the University of Toronto which is investigating NSO Group’s activities, believe the vulnerability was used to attack a UK-based human rights lawyer.

The Pegasus spyware lets attackers to access large volume of data from victims’ smartphones remotely, including their text messages, emails, WhatsApp messages, contact details, calls record, location, microphone, and camera without the knowledge of the victim.

The vulnerability affects all except the latest version of WhatsApp on iOS and Android.  Facebook states that “The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15”

The vulnerability was discovered earlier this month and was informed to the Department of Justice of the issue. All the WhatsApp users, both iOS and Android are highly recommended to update their apps to the latest version as early as possible.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Thrangrycat flaw lets attackers implant persistent backdoors on Cisco devices

    Previous article

    Microsoft May 2019 Patch Tuesday fixes a ‘Wormable Flaw’ and 78 Other Issues

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *