May 15 2019

WhatsApp Hackers Install Surveillance on Cell Phones Just by CALLING People

Messaging app discovers vulnerability that has been open for weeks. A vulnerability in the messaging app WhatsApp has allowed attackers…

Messaging app discovers vulnerability that has been open for weeks. A vulnerability in the messaging app WhatsApp has allowed attackers to inject commercial Israeli spyware on to phones, the company and a spyware technology dealer said.

WhatsApp, which is used by 1.5bn people worldwide, discovered in early May that attackers were able to install surveillance software on to both iPhones and Android phones by ringing up targets using the app’s phone call function.

The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs, said the spyware dealer, who was recently briefed on the WhatsApp hack.

WhatsApp, which is owned by Facebook, is too early into its own investigations of the vulnerability to estimate how many phones were targeted using this method, said a person familiar with the issue.

As late as Sunday, as WhatsApp engineers raced to close the loophole, a UK-based human rights lawyer’s phone was targeted using the same method.

Researchers at the University of Toronto’s Citizen Lab said they believed that the spyware attack on Sunday was linked to the same vulnerability that WhatsApp was trying to patch.

NSO’s flagship product is Pegasus, a program that can turn on a phone’s microphone and camera, trawl through emails and messages and collect location data.

NSO advertises its products to Middle Eastern and western intelligence agencies, and says Pegasus is intended for governments to fight terrorism and crime. NSO was recently valued at $1bn in a leveraged buyout that involved the UK private equity fund Novalpina Capital.

WhatsApp said teams of engineers had worked around the clock in San Francisco and London to close the vulnerability. It began rolling out a fix to its servers on Friday last week, WhatsApp said. All users should update to the latest version of WhatsApp, which was issued on Monday, the company said.

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company said. “We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.” (Read More)