WhatsApp Disclosed 12 Security Vulnerabilities in 2019

WhatsApp Flaw Allows Attackers to Install Spyware

Most popular App WhatsApp, which is now owned by Facebook, boasts end-to-end High-level data security, disclosed 12 vulnerabilities in 2019 out of which seven were described as critical, according to a report by the Financial Times.

Data Security Issue has become a big issue not just in a mundane world but also amongst Big-shot Brand names. A recent Incident, reported on the 22nd of January 2020, has made the users doubt their data confidentiality while using such applications.

The incident that happened on the 22nd of January 2020

The iPhone X belonging to the world’s richest man Amazon founder and CEO Jeff Bezos was allegedly hacked through a Whatsapp message sent by the Crown Prince of Saudi Arabia Mohammad Bin Salman.

The whole act most probably happened from a video source through twitter which was likely altered to contain a malicious file and then sent to Bezos via WhatsApp. When such a malicious file is stored on a victim’s phone, it can easily communicate with the victim’s computer.

This Malicious program can order the file to send data from the phone to a remote computer. Mohammad Bin Salman had sent this suspicious file to Jeff Bezos on the 1st of May 2018 which had no Link to any prior communication between them.

One of the research scientist, who was a prior WhatsApp employee said

“The malicious file was sent from a twitter source named Abdullah K5 and few malicious tools have been under suspicion of being responsible to carry out this Hack. One such organization is from NSO group, Israel, which became infamous for hacking 1200 WhatsApp users. The other company whose tools may have been used in the hack is an Italian company named Hacking team.”

This Vulnerability was reported under Bug CVE-2019-3568.

This has refreshed the vulnerabilities WhatsApp has been exposed to in 2019, keeping 1Billion of its User data at risk. Another major Heap overflow bug was tracked under CVE-2019-11933.

Spyware Pegasus has taken down the user’s trust, as this helped the government to hack into mobile devices of more than 100 people worldwide, which also included journalists.

Thus, a long journey to fight cybercrime awaits for WhatsApp group.



Get in Touch With LIFARS Today!

LIFARS offering Free 30-minute consultation on cyber resiliency.
Email:contact@lifars.com | Call us at:(212) 222-7061