It is confirmed that hackers have been able to remotely install surveillance software on phones and other devices, by taking advantage of a major flaw in what they discovered in messaging app, WhatsApp .
WhatsApp is one of Facebook’s family apps, and Facebook’s challenges with privacy and data breaches has been a matter of public show over the last couple of months, as such, this goes on to add to the larger corporate entity’s headaches.
WhatsApp said that the attack targeted a “select number” of users and it was undertaken by “an advanced cyber actor.”
The company rolled out a fix on Friday as a result. On Monday, WhatsApp asked its billions of users across the globe to update their apps as an added precaution.
The Financial Times reports that the surveillance software used was developed by NSO Group, an Israeli firm.
Facebook first became aware of this WhatsApp hack earlier on in May. This is a huge blow to the messaging app that prides itself in being a secure communication medium with end-to-end encryption – meaning that messages should only be readable by the sender and receiver, and any third-party interception will not be legible or readable. This was not the case with NSO Group software. It allows the hacker to easily read the messages on the target’s device.
How WhatsApp was Hacked
The attackers used WhatsApp’s voice calling function to call an intended target’s phone. That seems to be all that needs to be done, because whether or not the phone call was picked, the surveillance software could be installed anyway. According to the Financial Times, the call will often disappear from the device’s call log.
WhatsApp claims that its security team was the first to discover the security incursion. The company went on to share this discovery with human rights groups, selected security enterprises and the US Department of Justice.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” Facebook said on Monday.
The company also published an advisory to security specialists, where it described the flaw as a “buffer overflow of vulnerability in WhatsApp VOIP (Voice Over Internet Protocol) stack allowed remote code execution via specially crafted series of SRTCP (Secure Real-Time Transport Protocol) packets sent to a target phone number.”