A vulnerability was discovered in the WhatsApp messaging application that was exploited by hackers. Using the gap, they surveillance software and could monitor users' activities. A patch for Messenger that closes the flaw is said to have already been released.
The company's management stated that the attack was aimed at a limited number of users and was organized by advanced specialists. WhatsApp clarified that the company's security service was the first to identify the problem.
The operating principle is similar to the old one Skype on Android. This flaw made it possible to bypass screen locks without using special methods. The idea is that the WhatsApp voice call feature is used to call the target smartphone. Even if the call is not accepted, surveillance software can still be installed. In this case, the call often disappears from the activity log on the device.
It is reported that the Israeli firm NSO Group, which the media calls a “cyber weapons dealer,” is somehow involved in this. It is associated with the elections in Brazil, where WhatsApp was used to send fake data. It is alleged that the company is likely private and is collaborating with governments to supply spyware.
The vulnerability itself is implemented through a buffer overflow, which allows remote code execution using a series of specially crafted SRTCP packets. At the same time, NSO Group itself denies its involvement and claims that its developments are used only to combat terrorism. It is also stated that NSO technologies will never be used for cyber attacks on other companies, government agencies, and so on.
Source: 3dnews.ru