Navigation
Search
|
WhatsApp vulnerability exploited to infect phones with Israeli spyware
Tuesday May 14, 2019. 04:00 AM , from Ars Technica
Enlarge (credit: Santeri Viinamäki)
Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer. A representative of WhatsApp, which is used by 1.5 billion people, told Ars that company researchers discovered the vulnerability earlier this month while they were making security improvements. CVE-2019-3568, as the vulnerability has been indexed, is a buffer overflow vulnerability in the WhatsApp VOIP stack that allows remote code execution when specially crafted series of SRTCP packets are sent to a target phone number, according to this advisory. According to the Financial Times, exploits worked by calling either a vulnerable iPhone or Android device using the WhatsApp calling function. Targets need not have answered a call, and the calls often disappeared from logs, the publication said. The WhatsApp representative said the vulnerability was fixed in updates released on Friday. Read 8 remaining paragraphs | Comments
https://arstechnica.com/?p=1504773
|
25 sources
Current Date
Apr, Sat 27 - 06:49 CEST
|