WhatsApp claims it informed authorities about vulnerability in May 2019; govt sources say advisory full of 'technical jargon'

Responding to allegations over breach of privacy of several Indian users on WhatsApp using Israeli surveillance software Pegasus, the Facebook-owned messaging company on Friday said that it had informed the authorities in India about the vulnerability in its software in May 2019.

The Pegasus spyware was used to spy on 1,400 individuals worldwide, including journalists, activists and lawyers in India. Firstpost has confirmed that 20 individuals in India were affected by the spyware.

In a statement, WhatsApp said, "Our highest priority is the privacy and security of WhatsApp users. In May, we quickly resolved a security issue and notified relevant Indian and international government authorities. Since then we've worked to identify targeted users to ask the courts to hold the international spyware firm known as the NSO Group accountable."

A May 2019 vulnerability note published on the official website of CERT-IN, a government agency tasked with the "objective of securing Indian cyberspace", shows that CERT-IN was aware of the vulnerability.

CERT-IN falls directly under the Ministry of Electronics and Information Technology, headed by Ravi Shankar Prasad.

However, government sources told ANI that the "communication was in pure technical jargon without any mention of Israeli Pegasus or the extent of the breach".

What does the CERT-IN vulnerability note say

On 17 May 2019, CERT-IN published a vulnerability note — CIVN-2019-0080 — related to WhatsApp on its website with a severity rating of "high". It said:

"A vulnerability has been reported in WhatsApp which could be exploited by a remote attacker to execute arbitrary code on the affected system".

Under a subhead "description", the note gives a detailed explanation of what the vulnerability is about. It reads:

"This vulnerability exists in WhatsApp due to a buffer overflow condition error. A remote attacker could exploit this vulnerability by making a decoy WhatsApp voice call to a target user's phone number and thereby sending specially crafted series of SRTCP packets to the target system. This could trigger a buffer overflow condition leading to execution of arbitrary code by the attacker.

"Successful exploitation of this vulnerability could allow the attacker to access information on the system such as call logs, messages, photos, etc which could lead to further compromise the system."

The last sentence of the note describes what successful exploitation of the vulnerability could allow.

The solution suggested to all was to upgrade to the "latest version of WhatsApp".

The note also shares a link to a Facebook advisory, which mentions the vulnerability and versions of the WhatsApp software that were affected by it. The advisory, which was last updated on 13 August 2019, said:

"A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number".

This advisory doesn't mention the "Pegasus spyware". However, CERT-IN shared a few links along with details about the vulnerability in the note.

A screenshot of the CERT-IN vulnerability note

One such link points to a news website called HackerNews, which mentions Pegasus. It says: "Discovered, weaponised and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit (read vulnerability) installs Pegasus spyware on to Android and iOS devices."

An archive of the URL's history in the Wayback Machine shows that "Pegasus spyware" was mentioned in the article when it was published on 15 May, 2019.

The report also says that "the victim would not be able to find out about the intrusion afterwards as the spyware erases the incoming call information from the logs to operate stealthily".

Govt asks WhatsApp for explanation

The Centre on Thursday sought an explanation from WhatsApp for the breach of privacy after the messaging platform informed several Indian users this week that they had been targeted by Pegasus earlier this year.

Union information technology minister Ravi Shankar Prasad said on Thursday that the government is concerned at the breach of privacy of citizens of India and has sought a detailed explanation from the messaging platform.

"We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens," he tweeted.

According to reports, WhatsApp revealed that journalists and activists in India have been the target of surveillance by operators using the Israeli spyware Pegasus.

The messaging platform said that it had reached out to the people who were targeted, but declined to reveal the identities and "exact number" of those who were targeted.

With inputs from ANI


