Secure Messaging No More: WhatsApp Urging Users to Update App After Attack

By

Facebook-owned WhatsApp is the latest to become a victim of today’s online security black hole. While no organizations big or small are safe from potential attacks, the messaging service has long been touted as a safe place to send fully encrypted messages, and is a top choice for users in nations across the globe when it comes to messaging and chat.

That all changed earlier this month when news was released that the application had been compromised. The company is urging its 1.5B users worldwide to now update the applications on their devices as a precaution.

Here’s What We Know
Israeli company NSO’s Pegasus spyware created the vulnerability, which essentially installed malware on devices that could spy on everything from messages, to activating the microphone and even logging keystrokes. Facebook confirmed the malware installation could happen on any operating system and didn’t require a target to click a phishing link to install it. A simple phone call to the device could begin the attack.

The company is yet to determine exactly who was the main target for these attacks and how many people were affected but does believe it was a very targeted attack at a specific group.

Its programs are typically used by government groups to fight crimes and terrorism.

In an advisory submitted to security specialists, the company described the vulnerability as being, “a buffer overflow vulnerability in WhatsApp VOIP stack permitted remote code execution via specially crafted series of SRTCP packets which were sent to target phone number.”

What Now?
The company included a patch in its latest version so it’s vital all users update to the latest version to eliminate the chances of a breach.

For the every-day user, end-to-end encryption for chat and messaging are still the best route when it comes to having secure conversations - so don’t go deleting the app just yet. However, this is a good reminder to keep your operating systems updated and to download the latest patches and versions for any software you run to ensure the best protection.




Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Shabodi Accelerates Adoption of Network-Aware Applications with CAMARA API Enterprise Reference Implementation

By: Special Guest    2/16/2024

Shabodi, an Application Enablement Platform (AEP) provider unleashing advanced network capabilities in LTE, 5G, 6G, and Wi-Fi 6, announced they have l…

Read More

How Much Does Endpoint Protection Cost? Comparing 3 Popular Solutions

By: Contributing Writer    2/2/2024

Endpoint protection, also known as endpoint security, is a cybersecurity approach focused on defending computers, mobile devices, servers, and other e…

Read More

What Is Databricks? Simplifying Your Data Transformation

By: Contributing Writer    2/2/2024

Databricks is an innovative data analytics platform designed to simplify the process of building big data and artificial intelligence (AI) solutions. …

Read More

What Is Blue/Green deployment?

By: Contributing Writer    1/17/2024

Blue/green deployment is a software release management strategy that aims to reduce downtime and risk by running two identical production environments…

Read More

The Threat of Lateral Movement and 5 Ways to Prevent It

By: Contributing Writer    1/17/2024

Lateral movement is a term used in cybersecurity to describe the techniques that cyber attackers use to progressively move through a network in search…

Read More