Users of iOS devices have been at risk of spyware in the past few weeks due to weaknesses in the defences of messaging and voice over IP service WhatsApp, says MacRumors. In a recent announcement, the Facebook-owned application revealed that it had vulnerabilities that enabled attackers to exploit a fault in its voice call feature. This allowed hackers to access private information on iOS and Android devices on which the app is installed.
According to reports, a bug gave hackers access to the app’s code, allowing them to install ‘malicious code’ that mined data from devices. This was possible even when users did not answer the voice calls.
Experts say that this spyware shares features with Pegasus, spyware from Israeli developer NSO Group, reports Ars Technica. This company is also referred to as a ‘spyware technology dealer.’ MacRumors indicated that NSO Group offers Pegasus spyware to ‘governments who purchase’ it to install on ‘individuals who are the target of an investigation.’
Pegasus is also known as malicious software that jailbreaks and roots a device to gain access to various kinds of sensitive data, says Ars Technica.
The messaging company clarified that the breach was brought about by code that can only be executed using a series of SRTCP packets delivered to a specific phone number via voice calls. WhatsApp’s announcement also says that the flaw was ‘nontrivial to deploy.’ This means that any exploitation of the bug can be attributed to well-equipped, motivated attackers.
Meanwhile, WhatsApp’s experts addressed the security fault and were able to implement a patch in mid-May. This action came after a London-based human rights attorney reported ‘abnormal voice calling activity.’
There was no information as to how long the vulnerability was in place or how many individuals fell victim to the attack. However, there was evidence that the breach was exploited to target the above-mentioned lawyer, who works on cases filed against NSO Group. The complaint claims that NSO should share responsibility if its customers abuse its products and services, such as Pegasus.
Researchers speculate that there were other targets as well.
WhatsApp versions affected by the attack include the app for Android before v2.19.134, the business version for Android before v19.44, the app for iOS before v2.19.51, the business version for iOS before v2.19.51, the Windows Phone version before v2.18.348 and the Tizen version before v2.18.15.