The popular messaging application WhatsApp revealed that it discovered a vulnerability in its network system that allowed hackers to install spyware via an infected WhatsApp voice call. The Facebook-owned social messenger stated the spyware can exploit the mobile device, its calls, texts, and other data. It can also activate the phone’s camera, microphone, and able to perform other malicious activities. According to Facebook, the malicious spyware was developed by Israel-based cyber intelligence company NSO Group.
“A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15,” Facebook said in a statement.
According to Facebook, the mobile devices with WhatsApp or WhatsApp Business installed in them are affected, including Apple’s iPhone (iOS), Android phones, Windows Phones, and Tizen devices. However, the company clarified that it’s unclear on the number of people spied on by hackers.
Facebook has advised its users to update their WhatsApp applications for further protection. The company said it has implemented a server-side change to protect users and pushed out updates for the various smartphone WhatsApp versions.
WhatsApp encountered a similar issue earlier in 2018 when the Indian Army issued a warning to the users of WhatsApp, alleging that Chinese hackers are targeting them to extract personal data. The Army took to the microblogging site, Twitter to urge users to use WhatsApp with caution. Indian Army’s official handle, the Additional Directorate General of Public Interface (ADGPI) also posted a video that said, “Stay cautious, stay alert, stay safe! The Chinese were penetrating the digital world.”
The video urged users to save contacts by name and to constantly keep a vigil on all WhatsApp groups and numbers. “Chinese are using many platforms to penetrate your digital world. WhatsApp groups are a new way of hacking into your system. Chinese numbers barge into your groups and start extracting all the data. If you change your mobile number, inform the group admin; if you change your SIM card, destroy it completely,” it advises.
Also, a survey by Natalie Silvanovich, a digital forensics expert at Google Project Zero, discovered that answering a WhatsApp video call can compromise smartphones. The researcher stated that a security bug in the WhatsApp messenger application allows attackers to take control of the smartphone by placing a WhatsApp video call.
Describing the issue as a “memory corruption bug in WhatsApp’s non-WebRTC video conferencing implementation,” the security researcher stated that a memory heap overflow issue causes when an attacker places a specially created malformed RTP (Real-time Transport Protocol) via WhatsApp video call request, resulting in the break-in to the mobile memory.