Indian Government Questions WhatsApp Over Latest Hack

Indian Government Questions WhatsApp Over Latest Hack

SUMMARY

WhatsApp’s voice call feature can be used to hack into a user’s device

WhatsApp has issued a security patch to fix the issue

An Israeli cybersecurity firm had developed the software used for the hack

Ministry of Electronics and Information Technology (MeitY) has asked for the details of the latest loophole in WhatsApp, which has put the personal information of the users at risk. The Indian government has asked for details such as the number of users affected and the steps taken by WhatsApp to address the issue.

A government official reportedly said that “We sent an email to WhatsApp asking them to explain the vulnerability and steps undertaken to address the situation.”

On May 13, Financial Times reported a bug in WhatsApp which left over 1.5 Bn users across the world vulnerable to spyware attack using WhatsApp’s calling function. The loophole allowed a hacker to inject spyware into the target phone thus putting all information on the device at risk of theft and misuse.

The spyware can be injected into the target phone with a simple voice call on WhatsApp and will be installed on the victim’s phone without even answering the call. Once injected, the spyware will have the iOS or the Android phone at its grip and any information, such as emails, text messages and contact list can be retrieved by the hacker.

A spy software named as Pegasus was used to create the bug to exploit WhatsApp’s security loophole. Pegasus was created by an Israeli cybersecurity firm known as the NSO Group. Pegasus software was allegedly also used to spy over Washington Post reporter Jamal Khashoggi whose murder became a global headline.

The website of NSO Group claims that their products help government intelligence and law-enforcement agencies use technology to meet the challenges of encryption to prevent and investigate terror and crime.

“We investigate any credible allegations of misuse and if necessary, we take action, including shutting down the system. Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” NSO was quoted as saying by the Financial Times.

The affected versions of WhatsApp are as follows:

WhatsApp Business for Android prior to v2.19.44
WhatsApp for iOS prior to v2.19.51
WhatsApp Business for iOS prior to v2.19.51
WhatsApp for Windows Phone prior to v2.18.348
WhatsApp for Tizen prior to v2.18.15

The bug, classified as a CVE (common vulnerabilities and exposure) is numbered as CVE-2019-3568 and according to the information on Playstore, was fixed by WhatsApp through a security patch. A WhatsApp spokesperson said, “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”

Facebook also issued a statement in relation to the bug classifying and the bug and listing the affected versions of WhatsApp. “A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via a specially crafted series of SRTCP packets sent to a target phone number,” the Facebook classification of the bug said.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Indian Government Questions WhatsApp Over Latest Hack-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Indian Government Questions WhatsApp Over Latest Hack-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Indian Government Questions WhatsApp Over Latest Hack-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Indian Government Questions WhatsApp Over Latest Hack-Inc42 Media
Indian Government Questions WhatsApp Over Latest Hack-Inc42 Media
You’re in Good company