By: T. Chapman
WhatsApp says it has patched a security vulnerability that allowed attackers to secretly infect phones with spyware simply by placing an in-app voice call to the target's phone number.
The Facebook-owned company, which has over 1.5 billion users, said the attack targeted a “select number” of users and was orchestrated by “an advanced cyber actor,” according to a statement from a WhatsApp spokesperson.
Documented as CVE-2019-3568, the vulnerability was discovered early this month, according to reporting by The Financial Times.
The vulnerability was a bug in the app's audio call feature that allowed the caller to inject spyware onto the called device, whether or not the call was answered.
In addition, the spyware erases the incoming call information from the logs, thus making it impossible for the targeted victim to detect the intrusion.
Even with WhatsApp’s end-to-end encryption, which scrambles messages between two parties in transit so that third parties cannot eavesdrop, the malicious code could still be injected. Encryption protects data on the wire, not the code that processes it once it arrives on the device; the attack leveraged a buffer overflow vulnerability in that call-handling code.
What is a buffer?
A buffer is a temporary area for storing data. An overflow occurs when more data is written than the buffer can hold, so the excess spills into the adjacent memory location. When this happens, whatever was stored in that location can be overwritten, leading to unpredictable behaviour in the program, and, if the adjacent memory holds something the program relies on, to an attacker gaining control of it.
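The following is an added illustration and is not code from WhatsApp or from the vulnerability itself. It models a tiny piece of program memory as a flat array: a 16-byte buffer for incoming call data sits directly in front of a one-byte "trusted" flag, the way a buffer on the stack or heap sits next to other variables. One handler trusts the length carried in the incoming packet and copies without checking; the other checks the length against the buffer's capacity first. The arena, the offsets, the packet contents and the function names are all constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed memory layout (hypothetical): bytes [0,16) are the buffer,
 * byte 16 is a flag the rest of the program relies on. A flat array is used
 * so the out-of-bounds write stays inside the arena and the effect on the
 * neighbouring byte can be observed safely. */
enum { BUF_LEN = 16, FLAG_OFF = 16, ARENA_LEN = 32 };

typedef struct {
    unsigned char mem[ARENA_LEN];
} arena_t;

/* Reset the arena: empty buffer, flag set to 1 ("trusted"). */
static void arena_init(arena_t *a)
{
    memset(a->mem, 0, ARENA_LEN);
    a->mem[FLAG_OFF] = 1;
}

/* Vulnerable pattern: the length comes from the packet and is never compared
 * with the buffer's capacity, so a packet longer than 16 bytes overwrites the
 * flag that follows the buffer. The ARENA_LEN guard only keeps this model
 * itself well defined; it is not a fix. */
static int store_unchecked(arena_t *a, const unsigned char *data, size_t len)
{
    if (len > ARENA_LEN)
        return -1;
    memcpy(a->mem, data, len);   /* spills past the buffer when len > BUF_LEN */
    return 0;
}

/* Hardened pattern: reject anything that does not fit before copying. */
static int store_checked(arena_t *a, const unsigned char *data, size_t len)
{
    if (len > BUF_LEN)
        return -1;               /* oversized input is dropped, memory untouched */
    memcpy(a->mem, data, len);
    return 0;
}

/* Did the byte next to the buffer survive? */
static int flag_intact(const arena_t *a)
{
    return a->mem[FLAG_OFF] == 1;
}

int main(void)
{
    /* Constructed 20-byte packet: four bytes longer than the buffer. */
    unsigned char packet[20];
    memset(packet, 0x41, sizeof packet);

    arena_t a;
    arena_init(&a);
    store_unchecked(&a, packet, sizeof packet);
    printf("unchecked copy: flag intact = %d\n", flag_intact(&a));   /* 0 */

    arena_init(&a);
    int rc = store_checked(&a, packet, sizeof packet);
    printf("checked copy: rc = %d, flag intact = %d\n", rc, flag_intact(&a)); /* -1, 1 */
    return 0;
}
```

The point for a defender is the single comparison in `store_checked`: the data that arrives over the network decides the length, so the receiving code, not the sender, must enforce the limit. Mitigations such as stack canaries and address-space layout randomisation make a spill harder to turn into code execution, but only a bounds check prevents the adjacent memory from being overwritten at all.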
While WhatsApp says the issue was fixed on the server side, it is still advisable to update the app to the latest version, since the client-side fix is what protects the device itself and updates bring further security and stability improvements.