Monday, December 4, 2023

WhatsApp Hacked – Attackers Exploit iPhone or Android device by Making a WhatsApp call

By Guru baran

WhatsApp hacked

A critical remote code execution vulnerability in WhatsApp allows hackers to deploy spyware remotely on the vulnerable devices.

The vulnerability was discovered earlier this month by WhatsApp, and it can be tracked as CVE-2019-3568. The vulnerability resides in “WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.”

It affects the following versions that include Android before v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

The vulnerability can be exploited by making a WhatsApp call to the vulnerable iPhone or Android device and infect the call whether the recipient answered the call or not. Also, the logs of the incoming call were often erased.

The spyware in question was developed by Israeli cyber intelligence company NSO Group, according to Financial Times and the vulnerability was used to attack the phone of an UK-based attorney on 12 May.

“Selected number of users were targeted through this vulnerability by an advanced cyber actor. The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems.” WhatsApp spokesperson told Ars.

Whatsapp said the vulnerability was fixed on Friday and the patch released for end users on Monday, Whatsapp urges users to upgrade with the latest version to avoid infection.

The number of users impacted with this vulnerability remains unknown, according to the company only a small number of users were targeted.

WhatsApp messenger owned by Facebook allows users to send text messages, voice calls, as well as video calls, images, and other media, documents, and to share the user location. Whatsapp is one of the world’s leading app used by 1.5 billion users worldwide.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Facebook Down for Billions of Users Around the World – Instagram & WhatsApp Also Affected

Beware!! New Android Malware That Can Read Your WhatsApp Messages & Take Screen Shots

Managed WAF Protection

Website

Latest articles

cyber security

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...
Chrome

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...
CVE/vulnerability

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...
Cyber Security News

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...
Cyber Security News

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...
CVE/vulnerability

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...
cyber security

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
Guru baran
Guru baranhttps://gbhackers.com

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Register Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

[email protected]