A comprehensive coverage of Whatsapp Security Breach and the NSO Malware

If you have Whatsapp installed on your phone (Android or iOS or Windows Phone), it’s time to urgently update your Whataspp. Yesterday, WhatsApp admitted a major cybersecurity breach that has enabled targeted spyware to be installed on phones through voice calls. The security vulnerability affects both iPhone and Android devices, with malicious spyware code. It has been estimated that 1.5 billion devices have been affected by this malware, which is the largest in recent times.

WhatsApp, which said that the vulnerability was discovered this month, and that the company quickly addressed the problem within its own infrastructure, has told users to update to the latest version of the app which was published Monday.

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a spokesperson said in a statement.

It has been alleged that the footprints of the spyware matches those of a private Israeli company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems. The said company (NSO Group ) has said that it “would, or could not, use its technology in its own right to target any person or organization”.

Going more deep technically, Facebook, the parent company of Whatsapp said, “A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.”

Civil Rights group, Amnesty International has said that it is supporting a legal action to take the Israeli Ministry of Defence (MoD) to court, to demand that it revokes the export license of NSO Group.

The said spyware is allegedly part of NSO Group software called Pegasus, which has been widely used for digital surveillance. Research has documented the use of NSO Group’s Pegasus spyware to target a wide swathe of civil society.

On their part, the NSO group says that “NSO Group develops cyber technology to allows government agencies to identify and disrupt terrorist and criminal plots. Our product is intended to be used exclusively for the investigation and prevention of crime and terrorism. Any use of our technology that is counter to that purpose is a violation of our policies, legal contracts, and the values that we stand for as a company.”