Security Researchers at the University of Toronto’s Citizen Lab said that they believe the spyware attack against the UK-based human rights lawyer on Sunday was using this method.Įarlier there were reports of many human rights campaigners in the Middle East received text messages containing links to download Pegasus spyware to their devices. The spyware is also capable of erasing incoming call data making it difficult for users to find out about the intrusion. The flaw tracked as CVE-2019-3568 is a buffer overflow vulnerability exist in the WhatsApp VOIP stack which allows remote code execution via specially crafted series of SRTCP packets sent to the target phone number.Īccording to Financial Times, the spyware was developed by the secretive Israeli company NSO Group which can be installed even if the user didn’t attend the call and steal data from the targeted device. In May the company discovered that attackers were exploiting this flaw to install surveillance software on to some targeted devices by just making a WhatsApp audio call to that device. A critical flaw in Whatsapp allowed attackers to remotely install spyware on the user’s phone by simply making a WhatsApp call.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |