Skip to main content

WhatsApp claims it informed authorities about vulnerability in May 2019; govt sources say advisory full of 'technical jargon'

Responding to allegations over breach of privacy of several Indian users on WhatsApp using Israeli surveillance software Pegasus, the Facebook-owned messaging company on Friday said that it had informed the authorities in India about the vulnerability in its software in May 2019.

The Pegasus spyware was used to spy on 1,400 individuals worldwide, including journalists, activists and lawyers in India. Firstpost has confirmed that 20 individuals in India were affected by the spyware.

In a statement, WhatsApp said, "Our highest priority is the privacy and security of WhatsApp users. In May, we quickly resolved a security issue and notified relevant Indian and international government authorities. Since then we've worked to identify targeted users to ask the courts to hold the international spyware firm known as the NSO Group accountable."

Representational image

Representational image

Based on a May 2019 vulnerability note published on the official website of CERT-IN, a government agency tasked with the "objective of securing Indian cyberspace", CERT-IN was aware of the vulnerability.

CERT-IN falls directly under the Ministry of Electronics and Information Technology, headed by Ravi Shankar Prasad.

However, government sources told ANI that the "communication was in pure technical jargon without any mention of Israeli Pegasus or the extent of the breach".

What does the CERT-IN vulnerability note say

On 17 May 2019, CERT-IN published a vulnerability note — CIVN-2019-0080 — related to WhatsApp on its website with a severity rating of "high". It said:

"A vulnerability has been reported in WhatsApp which could be exploited by a remote attacker to execute arbitrary code on the affected system".

Under a subhead "description", the note gives a detailed explanation of what the vulnerability is about. It reads:

"This vulnerability exists in WhatsApp due to a buffer overflow condition error. A remote attacker could exploit this vulnerability by making a decoy WhatsApp voice call to a target user's phone number and thereby sending specially crafted series of SRTCP packets to the target system. This could trigger a buffer overflow condition leading to execution of arbitrary code by the attacker.

"Successful exploitation of this vulnerability could allow the attacker to access information on the system such as call logs, messages, photos, etc which could lead to further compromise the system."

The last sentence of the note, mentions what successful exploitation of the vulnerability could allow.

The solution suggested to all was to upgrade to the "latest version of WhatsApp".

The note also shares a link to a Facebook advisory, which mentions the vulnerability and versions of the WhatsApp software that were affected by it. The advisory, which was last updated on 13 August 2019, said:

"A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number".

This advisory doesn't mention the "Pegasus spyware", however, CERT-IN shared few links along with details about the vulnerability in the note.

A screenshot of the CERT-IN vulnerability note

A screenshot of the CERT-IN vulnerability note

One such link points to a news website called HackerNews, which mentions Pegasus. It says: "Discovered, weaponised and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit (read vulnerability) installs Pegasus spyware on to Android and iOS devices."

An archive of the URL's history in the Wayback Machine shows that "Pegasus spyware" was mentioned in the article when it was published on 15 May, 2019.

The report also says that "the victim would not be able to find out about the intrusion afterwards as the spyware erases the incoming call information from the logs to operate stealthily".

Govt asks WhatsApp for explanation

The Centre on Thursday had sought an explanation from WhatsApp to explain the breach of privacy after the messaging platform informed several Indian users this week that they had been targetted by Pegasus earlier this year.

Union information technology minister Ravi Shankar Prasad Thursday said that the government is concerned at the breach of privacy of citizens of India and has sought a detailed explanation from the messaging platform.

"We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens," he tweeted.

According to reports, WhatsApp revealed that journalists and activists in India have been the target of surveillance by operators using the Israeli spyware Pegasus.

The messaging platform said that it had reached out to the people who were targetted, but declined to reveal the identities and "exact number" of those who were targeted.

With inputs from ANI



Udimi - Buy Solo Ads from Firstpost Tech Latest News https://ift.tt/2r6Pm1T
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

9 VCs in Madrid and Barcelona discuss the COVID-19 era and look to the future

Spain’s startup ecosystem has two main hubs: Madrid and Barcelona. Most observers place Barcelona first and Madrid second, but the gap appears to close every year. Barcelona has benefitted from attracting expats in search of sun, beach and lifestyle who tend to produce more internationally minded startups. Madrid’s startups have predominantly been Spain or Latin America-focused, but have become increasingly international in nature. Although not part of this survey, we expect Valencia to join next year, as city authorities have been going all-out to attract entrepreneurs and investors. The overall Spanish ecosystem is generally less mature than those in the U.K., France, Sweden and Germany, but it has been improving at a fast clip. More recently, entrepreneurs in Spain have moved away from emulating success in pursuit of innovative technologies. Following the financial crisis, the Spanish government supported the creation of startups with the launch of FOND-ICO GLOBAL, a €1.5 billi...
Post a Comment
Read more

Emulating USB Dongle – Introducing HASP Dongle Emulator Software

Information Technology Blog - - Emulating USB Dongle – Introducing HASP Dongle Emulator Software - Information Technology Blog Over the years the methods used by software developers and producers to limit the amount of users to a specific number in a licensing agreement have become more complex.  The aim of copy protection is to protect the intellectual rights and financial investment of the individual developers and manufacturing companies.   A way of getting around this protection is to reproduce the media through which you can deliver the application to other users,  meaning that the software can be replicated far in excess of that specified in the license. One of the most common methods has been to use hardware keys or dongles which will enable the user to activate an application, unlocking its full functionality without using a device.  In addition, it offers good protection against attempts to pirate the software. In this article, we will look at th...
1 comment
Read more

Advantages and Disadvantages of using Vouchers in eCommerce

Information Technology Blog - - Advantages and Disadvantages of using Vouchers in eCommerce - Information Technology Blog To decide whether vouchers and coupons are the right tool to add to your online marketing strategy, it is essential that you consider the benefit and the cost of using coupons. In this article, we will use Gtech coupon marketing strategy as an example a successful coupon strategy.  Also check out these great books on coupon codes for ecommerce . Advantages of Using Coupons Increase Sales This is the obvious benefit. Coupons serve to increase sales especially for high ticket items such as luxury gadgets. Gtech discount codes is a good example as Gtech quality is reflected on the price of both the Gtech eBike and Gtech AirRam. In order to boost sales, the company releases 10% off offers certain times of the year when online sales would normally be low. Enlarge Email List Acquiring a customer can be expensive in terms of advertising and marketing. If yo...
1 comment
Read more