Navigation
Recherche
|
WhatsApp vulnerability exploited to infect phones with Israeli spyware
mardi 14 mai 2019, 04:00 , par Ars Technica
Enlarge (credit: Santeri Viinamäki)
Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer. A representative of WhatsApp, which is used by 1.5 billion people, told Ars that company researchers discovered the vulnerability earlier this month while they were making security improvements. CVE-2019-3568, as the vulnerability has been indexed, is a buffer overflow vulnerability in the WhatsApp VOIP stack that allows remote code execution when specially crafted series of SRTCP packets are sent to a target phone number, according to this advisory. According to the Financial Times, exploits worked by calling either a vulnerable iPhone or Android device using the WhatsApp calling function. Targets need not have answered a call, and the calls often disappeared from logs, the publication said. The WhatsApp representative said the vulnerability was fixed in updates released on Friday. Read 8 remaining paragraphs | Comments
https://arstechnica.com/?p=1504773
|
56 sources (32 en français)
Date Actuelle
mer. 8 mai - 16:49 CEST
|