In May 2019, a bug was discovered by WhatsApp in the app’s calling feature which was utilized to inject a malicious code into user’s phone. On October 29th, 2019, WhatsApp found that this bug was being utilized by an Israel based company, NSO to develop a malware named Pegasus Spyware. WhatsApp and its parent company, Facebook are at loggerheads with NSO in a U.S court.
As per the sources, Pegasus Spyware was being used to spy on journalists, lawyers, scholars and activists in India during elections.
How does Pegasus Spyware work?
The Pegasus spyware comes under a special class of buffer overflow exploit, where the source code of a designated application can be altered and manipulated by the hackers’ instructions. This vulnerability allows hackers to inject spyware on to any mobile phone simply by calling the number on WhatsApp of a target’s device.
Cybersecurity experts state that almost all systems contain a buffer zone, where temporary memory is allocated to give swift run-time experience for a user. A specific buffer allocation is done by programmers as per requirements of the application which can be exploited by hackers. A malicious payload can be dropped within this buffer allocation, which runs in the RAM, through a video call without the user’s knowledge or participation. Once the payload is successfully injected into the target device, hackers can snoop in on WhatsApp conversations. It can activate a microphone, turn on the camera & even manipulate WhatsApp data and much more.
Targeted users cannot avert these attacks by themselves. The service providers are responsible for implementing additional stringent security measures in programming code to prevent these types of attacks.
How to avoid being attacked by Pegasus?
As soon as the news of Pegasus spyware got out, Apple released a security update (9.3.5) that took care of the vulnerabilities and Google on the other hand notified the potential spyware targets directly.
Here are a few steps to be safe and secure with your mobile device:
- Update your device and apps to the latest security patches.
- It is recommended to install a good security solution which has real-time scanning capabilities to stop any malicious apps in its tracks.
- Don’t click on attractive spam emails, luring discount coupons or links. As enticing as the email or any link sounds, try to avoid it all costs to ensure a safe and reliable experience on your device.
Leave a Reply
You must be logged in to post a comment.
[…] tracked as cve-2019-11931 is a new variant of stack-based buffer overflow vulnerability similar to Pegasus spyware. In this method, hackers add a malicious code to the MP4 files and send it to gullible users. This […]