Whatsapp Doc?
Nice Security You Got There Facebook
If you happen to be a Whatsapp user, you should stop chatting for a moment and update your client as there is a new attack which bears a remarkable resemblance to the Pegasus spyware detected late last year. Without Friday’s patch the voice call function on the app can be used to install spyware on your device, even if you don’t pick up that mysterious call. As The Inquirer points out, this is a bit of a blow to an app advertised as “safe, secure, end-to-end encrypted messaging“. If the spyware is installed on your device, it allows whomever distributed it to read encrypted chats, eavesdrop on your calls, photos, and contacts, as well as being able to turn your microphone and camera on without your knowledge.
It is possible the fairly quick patching of this vulnerability indicates Facebook’s merging of Facebook Messenger, Instagram and WhatsApp is not all bad, as they are favourite targets for those seeking to target people for identity theft, blackmail and all sorts of wonderful pastimes.
There's a very good chance that this was a State sanctioned hack, though which state isn't clear. However, the FT reports that the spyware was developed by Israel's NSO Group, whose Pegasus malware was previously used to target Amnesty International.
More Tech News From Around The Web
- It’s 2019 so now security vulnerabilities are branded using emojis: Meet Thrangrycat, a Cisco router secure boot flaw @ The Register
- Twitter Bug Shared Location Data For Some iOS Users @ Slashdot
- Disney is Taking Full Control of Hulu @ Slashdot
- Adobe will edit out legacy versions of Creative Cloud apps @ The Inquirer
- LED Panel Lamp Is A Great Way To Use Protoboard @ Hackaday
- FCC promises, yet again, to tackle robocalls. Translation: Expect six more months of waiting @ The Register
Meh. Facebook IS spyware. I don’t think their users are too concerned about that, as longs as the app keeps working.