On May 14 was detected a vulnerability in the popular messaging application: WhatsApp. The threat allows hackers to install spyware on users’ devices, simply through a video call.
The spokesmen of the application have commented: “we believe that an advanced cybercriminal has attacked a determined number of users through this vulnerability.
The attack has all the characteristics of a private company that reportedly works with governments to offer spyware that takes control of the mobile phone operating systems”.
A spyware, allows cybercriminals to take remote control of a device in which they are able to: activate the microphone, camera and access the user’s data at any time.
Known as “zero-day vulnerability” as “zero-day vulnerability” it is a security breach unknown until now. Andrés Núñez, Director of S2 Grupo Madrid points out: “nobody knew heretofore that through a video call from WhatsApp somebody could insert code into the app”
According to WhatsApp, it can not be confirmed how many people were affected, although everything indicates that the victims were chosen so it would not be a massive attack.
How did the WhatsApp vulnerability work?
The modus operandi of the attackers was:
They made a WhatsApp call to the chosen phone and even if the victim did not respond to the call, the spyware was installed on the device.
In several cases, the call disappeared from the history of the device, so that the affected user could not even suspect the incident.
Among those affected are human rights organizations and cybersecurity companies. The vulnerability could infect phones, both with the iOS operating system and Android.
Research has been initiated to identify those responsible. The suspicions fall, mainly, on the Israeli group NSO Group, who could have devised the Pegasus spy software. It is a surveillance malware whose purpose is to carry out specific attacks.
One of the reasons that reinforce the hypothesis that NSO Group is behind the incident is the victims are from human rights defense associations. Since in the past, they have carried out attacks against this type of organizations.
NSO Group, a non-transparent group that operated clandestinely for many years, is dedicated to designing spyware for its clients, especially for government institutions.
WhatsApp has already notified regulators both at European level and in the United States to start an investigation. They also had informed human rights organizations to address the problem in front of the public.
If you did not know this vulnerability so far, we suggest (as WhatsApp reported) to update the app on all your devices. Here we show you the latest version for all operating systems:
– Android: v2.19.134,
– WhatsApp Business for Android: v2.19.44
– iOS: v2.19.51,
– WhatsApp Business for iOS: v2.19.51
– Windows Phone: v2.18.348
– Tizen: v2.18.15
The most likely thing is this cyber attack does not affect you, since it was aimed at relevant personalities with privileged information. However, it is also very important to keep in mind that this is not the only threat that you are exposed, there are many spyware that may be affecting your device without you being aware. A good measure of prevention is to keep the latest versions of both the operating system and the applications installed on our devices.
Total security does not exist, neither on the internet nor in the physical world, but if we protect ourselves in an appropriate way, we can minimize the risks to which we expose ourselves.