The Zero-Day Vulnerability found in WhatsApp Messaging App that allowed spyware to be injected into a victim Phone through WhatsApp Call function.
The Spyware was developed by the Israeli cyber intelligence company NSO group.
Cyber attackers injecting the malicious code to a victim device by calling the user and infecting the call whether or not the recipient answered the call.
WhatsApp has patched the vulnerability, and encouraging to update the WhatsApp messaging App for iPhone and Android users.
According to Facebook advisory CVE-2019-3568 , The Buffer Overflow Vulnerability in WhatsApp.
"Description: A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number. Affected Versions: The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15. Last Updated: 2019-05-13"
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” NSO Group told to Financial Times (FT). “NSO would not, or could not, use its technology in its own right to target any person or organization, including this individual.”
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” said WhatsApp in a statement provided to The Financial Times. “We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.”
In September 2018, the Citizen Lab revealed that One of the world’s most dangerous Android and iPhone spyware program has been found deployed against targets across 45 countries around the world.
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ
— Citizen Lab (@citizenlab) May 13, 2019
According to 2016 report by the New York Times. NSO limits sales of its spyware, Pegasus, to state intelligence agencies. The spyware’s capabilities are near absolute. Once installed on a phone, the software can extract all of the data that’s already on the device (text messages, contacts, GPS location, email, browser history, etc) in addition to creating new data by using the phone’s microphone and camera to record the user’s surroundings and ambient sounds,
“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” said WhatsApp in a statement.