A flaw within Facebook's WhatsApp messaging application discovered this week has left users vulnerable to malicious spyware suspected to be the Pegasus malware, that may have installed on their devices.
Used by over 1.5 billion people, WhatsApp has found its place in the Facebook ecosystem as the choice communication or messaging app for users around the world. With the vast reach of WhatsApp, the recent breach that was confirmed in a Facebook security advisory released Monday outlines versions of WhatsApp that are affected.
Currently, Facebook is asking that users of WhatsApp update their app immediately to remedy the vulnerability that could essentially "allow remote code execution via specially crafted series of SRTCP packets sent to a target phone number." In so many words, Facebook is attempting to relay a message that means a device with a plagued version of WhatsApp could be leveraged to access and steal data stored on mobile devices through spyware. One thing to note, this isn't the first time Facebook had to "rescue" WhatsApp - they had a potential privacy violation just last year.
After digging around, researchers have found that the WhatsApp flaw allows the app to be attacked by just leaving a missed call. The process of the attack looks to have rooted from an Israeli company that sells technology exploits to governments, which would allow them to spy on citizens of a specific area.
Researchers do not know how vast the spyware attack on WhatsApp was, but it was used on various phones already and may have already done some damage. Moreover, no one definitively knows who the perpetrators were in the attack other than they look to fit the mold of an advanced threat actor or someone or some group of hackers who are deep into the fray of attacking well-known entities.
Both Android and iOS versions of the app were affected in the suspected Pegasus spyware attack, which has left potentially affected users with only a couple options of rectifying the issue, uninstall the app or update it to the most recent version. In fact, Citizen Lab researcher, John Scott-Railton, said of the attack, "There's nothing a user could have done here, short of not having the app."
A WhatsApp spokesperson said that the attack had "all the hallmarks of a private company that has been known to work with governments to deliver spyware that has the ability to take over mobile phone operating systems." The private company that some are suspecting is Israel's NSO Group, who was identified by The Financial Times as the threat actor. However, the NSO stated that they provide spying tech to government agencies and it does not use it for itself.
U.S. law enforcement has been sent details on the spyware attack, speculated to be the Pegasus malware, and will be assisting in an investigation. Many are deeply concerned that hackers could abuse the capabilities of a messaging app that reaches so many people. Regardless of who the perpetrators turn out to be, the WhatsApp attack will go down in history of a notable threat to the security of billions of app users and draw caution and criticism among users of similar apps and the juggernauts of social media networks.