Are you a user of WhatsApp? If so, beware that a serious vulnerability in the application has been exploited. The flaw allowed hackers to compromise devices using a form of advanced spyware developed by Israeli company NSO Group.
The vulnerability is tracked under CVE-2019-3568, and was first reported by Financial Times.
CVE-2019-3568 Official description
The vulnerability is described as buffer overflow in WhatsApp VOIP stack. It allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.
The vulnerability affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.
Apparently, CVE-2019-3568 was discovered earlier this month while the company was making security improvements.
Exploits based on the flaw happened by calling either a vulnerable iPhone or an Android device via the WhatsApp calling function. It should be mentioned that the calls didn’t need to be answered, and often disappeared from logs. Fortunately, the flaw was supposedly fixed.
Who is NSO Group? The company is the maker of Pegasus, an advanced spyware application that jailbreaks or roots infected devices enabling the spyware to go through private messages, activate the microphone and camera, and collect sensitive information.
Related: Facebook Messenger, Instagram, WhatsApp to Become One Platform
It is curious to note that the Pegasus spyware has been used in fake tech support scams which claimed that the victims’ devices were infected with it.
As for the actual attack involving WhatsApp, according a company’s representative, a small number of users were targeted via CVE-2019-3568 by advanced attackers, ArsTechnica said.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the representative added without directly mentioning NSO Group. According to reports, one of the targets of the attack was a UK-based human rights lawyer whose device got compromised on Sunday.
CVE-2019-3568 Already Fixed
The buffer overflow vulnerability should now be fixed in a patch released on Monday. Here’s how to update WhatsApp according to your OS. WhatsApp has purportedly reported the attack to US law enforcement to help them with the investigation. As for NSO Group, it appears that the company is facing a challenge in Israeli court regarding the company’s ability to export its spyware.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me:
What is the minimum version that has the patch?
Hi Craig,
You should update to the latest version of the app. For Android it is Version 2.19.137.
Pouvez-vous donner l’article d’origine ? Car là, c’est pas lisible tellement la traduction est approximative. Non aux articles Google Translate
Hi there,
The article has been translated automatically for your convenience. All original content on SensorsTechForum.com is in English.
There’s no update to 2.19.137. I am still on v2.19.134 because it is the latest version!
Yo pregunto! Si el virus ese pegasus. . Entra a tu celular .. y notas cosas raras como el envío de mensajes a otras personas desde tu WhatsApp y a vos no te aparese nada.. y supuestamente la otra persona tiene tu mensaje … Otra parese EN LÍNEA Y TU TELÉFONO ESTA APAGADO Y SIN LA BATERÍA PUESTA.. ? COMO SE SACA EL VIRUS DEL CELULAR SI ES QUE YA ESTA HEKEADO.. TU CELULAR.. HAY FORMA DE VER SI AL ACTUALIZAR WHATSAPP EL VIRUS SE BA.. DEL CELULAR.. O CONTINUA.