WhatsApp has disclosed a vulnerability in its iOS and Android client which allowed hackers to install spyware on devices by exploiting a buffer overflow vulnerability in the WhatsApp VoIP stack.
The vulnerability was discovered by WhatsApp in early May. Hackers were able to remotely install spyware on a user device irrespective of whether they answered the call or not. Hackers used the exploit to install Israel’s NSO Group’s Pegasus spyware which is usually licensed and used by governments for investigation purposes and to acquire more information from their target.
Description: A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.
It is unclear as to how long this exploit was known by hackers and how many people were affected by it. WhatsApp, however, says that it expects only a limited number of users to be affected by it since carrying out the hack is relatively difficult and requires motivated hackers and actions.
Apart from rolling out app updates to patch the exploit, WhatsApp also made changes to its infrastructure to ensure the attack could not be carried out. However, the company strongly recommends users to update their WhatsApp to the latest version for the optimum protection.
Given that WhatsApp is used by millions of people on a daily basis to send billions of messages, it is important that the company discovers and patches such exploit as soon as possible.