CVE-2019-3568 in WhatsApp Exploited Using Pegasus Spyware
CYBER NEWS

CVE-2019-3568 in WhatsApp Exploited Using Pegasus Spyware

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

Are you a user of WhatsApp? If so, beware that a serious vulnerability in the application has been exploited. The flaw allowed hackers to compromise devices using a form of advanced spyware developed by Israeli company NSO Group.




The vulnerability is tracked under CVE-2019-3568, and was first reported by Financial Times.

CVE-2019-3568 Official description

The vulnerability is described as buffer overflow in WhatsApp VOIP stack. It allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.

The vulnerability affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Apparently, CVE-2019-3568 was discovered earlier this month while the company was making security improvements.

Exploits based on the flaw happened by calling either a vulnerable iPhone or an Android device via the WhatsApp calling function. It should be mentioned that the calls didn’t need to be answered, and often disappeared from logs. Fortunately, the flaw was supposedly fixed.

Who is NSO Group? The company is the maker of Pegasus, an advanced spyware application that jailbreaks or roots infected devices enabling the spyware to go through private messages, activate the microphone and camera, and collect sensitive information.

Related:
To be more precise, the plan is to keep the apps separate but unify their technical and software architecture. What would this merger mean to users?
Facebook Messenger, Instagram, WhatsApp to Become One Platform.

It is curious to note that the Pegasus spyware has been used in

This YOUR APPLE DEVICE HAS A VIRUS removal guide shows how victims can remove this common Apple Scam leading to a fake tech support attempt
fake tech support scams which claimed that the victims’ devices were infected with it.

As for the actual attack involving WhatsApp, according a company’s representative, a small number of users were targeted via CVE-2019-3568 by advanced attackers, ArsTechnica said.

The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the representative added without directly mentioning NSO Group. According to reports, one of the targets of the attack was a UK-based human rights lawyer whose device got compromised on Sunday.

CVE-2019-3568 Already Fixed

The buffer overflow vulnerability should now be fixed in a patch released on Monday. Here’s how to update WhatsApp according to your OS. WhatsApp has purportedly reported the attack to US law enforcement to help them with the investigation. As for NSO Group, it appears that the company is facing a challenge in Israeli court regarding the company’s ability to export its spyware.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

6 Comments

  1. Craig

    What is the minimum version that has the patch?

    Reply
    1. Milena Dimitrova (Post author)

      Hi Craig,
      You should update to the latest version of the app. For Android it is Version 2.19.137.

      Reply
  2. Régis

    Pouvez-vous donner l’article d’origine ? Car là, c’est pas lisible tellement la traduction est approximative. Non aux articles Google Translate

    Reply
    1. Milena Dimitrova (Post author)

      Hi there,
      The article has been translated automatically for your convenience. All original content on SensorsTechForum.com is in English.

      Reply
  3. John

    There’s no update to 2.19.137. I am still on v2.19.134 because it is the latest version!

    Reply
  4. Gaston leonardo firpo

    Yo pregunto! Si el virus ese pegasus. . Entra a tu celular .. y notas cosas raras como el envío de mensajes a otras personas desde tu WhatsApp y a vos no te aparese nada.. y supuestamente la otra persona tiene tu mensaje … Otra parese EN LÍNEA Y TU TELÉFONO ESTA APAGADO Y SIN LA BATERÍA PUESTA.. ? COMO SE SACA EL VIRUS DEL CELULAR SI ES QUE YA ESTA HEKEADO.. TU CELULAR.. HAY FORMA DE VER SI AL ACTUALIZAR WHATSAPP EL VIRUS SE BA.. DEL CELULAR.. O CONTINUA.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Stay tuned
Subscribe for our newsletter regarding the latest cybersecurity and tech-related news.