Facebook (News - Alert)-owned WhatsApp is the latest to become a victim of today’s online security black hole. While no organizations big or small are safe from potential attacks, the messaging service has long been touted as a safe place to send fully encrypted messages, and is a top choice for users in nations across the globe when it comes to messaging and chat.
That all changed earlier this month when news was released that the application had been compromised. The company is urging its 1.5B users worldwide to now update the applications on their devices as a precaution.
Here’s What We Know
Israeli company NSO’s Pegasus spyware created the vulnerability, which essentially installed malware on devices that could spy on everything from messages, to activating the microphone and even logging keystrokes. Facebook confirmed the malware installation could happen on any operating system and didn’t require a target to click a phishing link to install it. A simple phone call to the device could begin the attack.
The company is yet to determine exactly who was the main target for these attacks and how many people were affected but does believe it was a very targeted attack at a specific group.
Its programs are typically used by government groups to fight crimes and terrorism.
In an advisory submitted to security specialists, the company described the vulnerability as being, “a buffer overflow vulnerability in WhatsApp VOIP stack permitted remote code execution via specially crafted series of SRTCP packets which were sent to target phone number.”
What Now?
The company included a patch in its latest version so it’s vital all users update to the latest version to eliminate the chances of a breach.
For the every-day user, end-to-end encryption for chat and messaging are still the best route when it comes to having secure conversations - so don’t go deleting the app just yet. However, this is a good reminder to keep your operating systems updated and to download the latest patches and versions for any software you run to ensure the best protection.