All it takes a WhatsApp call for the spyware to enter your phone


It’s been a day of high-profile security incidents. First there was news the popular WhatsApp messenger app was hacked. Updated versions of WhatsApp have been released, which you should install if you’re one of the more than one billion people who use the app.

WhatsApp has confirmed that a security flaw in the app let attackers install spy software on their targets' smartphones. The spyware install on a host phone via a WhatsApp call. The spyware deletes all WhatsApp call logs to become untraceable.

On Wednesday, chip-maker Intel confirmed that new problems discovered with some of its processors could reveal secret information to attacks.

What's scary about this spyware is that it can slip on any WhatsApp users' smartphone without giving the slightest clue that their devices have been infected. All it takes is a WhatsApp call.

The WhatsApp news was revealed first by the Financial Times, which says the bug was used in an attempt to access content on the phone of a UK-based human rights lawyer.

That has left many of its 1.5 billion users wondering how safe the "simple and secure" messaging app really is. How trustworthy are apps and devices?

No. Messages on WhatsApp are end-to-end encrypted, meaning they are scrambled when they leave the sender's device. The messages can be decrypted by the recipient's device only.

WhatsApp is arguably one of the most popular social messaging apps in the world. In the recent times, the Facebook-owned social messaging app has been under fire owing to the rampant spread of misinformation on its platform. But never has the app been under seige by a malware. That is until now.

WhatsApp has rolled out an update to its servers. It has also rolled out a security patch on to its Android and iOS apps to safeguard your phone data. Software patches have been released by several vendors, including Microsoft. You should install security updates from vendors promptly, including these.

Targeted Surveillance Attack on Whatsapp





The Facebook owned entity was recently a target of the hackers who had the option to remotely install surveillance softwares on phones and different devices utilizing a rather major vulnerability in the messaging app.

The attack incorporated of attackers utilizing WhatsApp's voice calling function to ring a target's device and regardless of whether the call was not received or not, the surveillance software could be installed. As per the Financial Times report which also speculates that the surveillance software included was created by an Israeli firm NSO Group, the call would frequently disappear from the device’s call log.

WhatsApp told the BBC its security team was the first to recognize the flaw. It imparted that info with human rights groups, chose the security vendors and the US Department of Justice prior this month.

"The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the company said on Monday in a briefing document note for journalists.

WhatsApp said it was too soon to realize what number of users had been affected by the vulnerability, in spite of the fact that it included that the suspected attacks were exceptionally focused on. As indicated by the New York Times, one of the general populations targeted on was a London-based lawyer associated with a claim against the NSO Group.

Although a fix was “rolled out “on Friday, on Monday, WhatsApp requested the majority of its 1.5 billion users to update their applications as an additional precautionary measure.

How to update WhatsApp?

Android
  1. Open the Google Play store
  2. Tap the menu at the top left of the screen
  3. Tap My Apps & Games
  4. If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  5. If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  6. The latest version of WhatsApp on Android is 2.19.134

iOS
  1. Open the App Store
  2. At the bottom of the screen, tap Updates
  3. If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  4. If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  5. The latest version of WhatsApp on iOS is 2.19.51



WhatsApp vulnerability let attackers install Israeli Spyware on phones





A new vulnerability discovered in the WhatsApp allowed attackers install a malicious code on iPhones and Android phones by ringing up a target device.

“A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number,” WhatsApp said. 

The company discovered the vulnerability and later issued a security patch, although till now, it is not known how many people have been affected by this. 

According to the reports, the attackers targeted the device by just placing a call, even if you didn’t answered a call, the malicious code could be transmitted to your phone and a log of the call often disappeared. 

WhatsApp is urging all its users to upgrade their app after it released a software update yesterday. 

'We believe a select number of users were targeted through this vulnerability by an advanced cyber actor,' WhatsApp told the Financial Times.

'This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.

As per the Financial Times reports, the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.



Facebook to redesign Messenger, WhatsApp, and Instagram



Facebook is coming up with a series of changes to all its social media networks including Instagram and Whatsapp.

According to its boss Mark Zuckerberg the new designs and features will focus on privacy first. The company decided to change its apps after facing widespread criticism for handling users data.

"We don’t exactly have the strongest reputation on privacy right now, to put it lightly," Zuckerberg said.

Here is list of changes in the app:

  • All the messages sent via Messenger will be end-to-end encrypted by default, and the platform will be fully integrated with WhatsApp
  • Instagram will hide like counts, but not the account owner
  • A WhatsApp secure payment service would be introduced in other countries later this year.
  • The Facebook app is being redesigned to make community groups central to the newsfeed - and the distinctive blue branding is going. The redesign is rolling out in the US and then more widely straight away.
  • Users will be able to post text, stickers or drawings on their Instagram post rather than starting it with a photo or a video. 

Other than this, Facebook has introduced a new feature called Secret Crush, which is a part of Facebook Dating. This feature will let Facebook members to tag up to nine of their crushes. 

If the recipient of the crush is also using the feature and nominates them as well, then both parties will receive a message to say they have matched.

Facebook Dating will roll out in 14 new countries, but will not be available in Europe or the US.



WhatsApp launches fact-check service ahead of General Elections in India





WhatsApp on Tuesday launched a new service called Checkpoint Tipline, for Indians to combat the fake news ahead of General elections beginning this month. 

The Facebook-owned company was working with a local startup PROTO, which aimed at creating a database of false, misleading or disputed. 

The initiative is funded by the WhatsApp to study misinformation spread ahead of the upcoming elections for Checkpoint

The company has set up a verification centre, which would verify posts that are in the form of pictures, video links or text. This center will cover four regional languages - Hindi, Telugu, Bengali and Malayalam, apart from English. 

"The goal of this project is to study the misinformation phenomenon at scale," Proto's founders Ritvvij Parrikh and Nasr ul Hadi said in a statement. "As more data flows in, we will be able to identify the most susceptible or affected issues, locations, languages, regions and more."

In a statement released by the WhatsApp said the start up Proto would be helped by two other organisations who have prior experience working on misinformation-related projects.

"The challenge of viral misinformation requires more collaborative efforts and cannot be solved by any one organisation alone," WhatsApp said.






WhatsApp May Oppose the Demand for Traceability of Messages




The government wants to probe into the sources of inciting and provocative messages and posts which have led to violence across the nation, incidents of lynching and various other controversial issues.

In order to do so, it has proposed certain guidelines that would require Whatsapp to unveil information regarding the origins of messages.

As doing so will contradict the end-to-end encryption WhatsApp provides, the company will oppose the proposed regulations. It will also be violating free speech and privacy rights. 

The intermediary guidelines which are reported to be made public after elections will include jail terms and penalties for heads and officials of various messaging platforms and social media companies for non-compliance.

Reasoning WhatsApp’s failure to act in accordance with the proposed guidelines, a person said, “WhatsApp feels the proposed guidelines are too broad and not in sync with privacy protection norms that are important to people everywhere,”

“What is expected from the rules is just not possible considering the end-to-end encryption the company provides — it would mean a new product.” He added.

The Facebook-owned app, which did not answer all the questions, believes that confidentiality is one of the key aspects of what they have to offer. They feel that gathering private information of users is contradictory to the whole idea of WhatsApp which was primarily designed to keep the conversations private. 

Putting the same into perspective, another person said, “The company will continue to push back against government’s attempts that it feels weaken its end-to-end encryption feature,”

While defending its stance on safety and privacy, WhatsApp previously said, “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks, and families. The police also use WhatsApp to discuss investigations and report crimes,”  

“Attributing messages on WhatsApp would undermine end-to-end encryption and the private nature of WhatsApp, creating the potential for serious misuse. Our focus is on improving WhatsApp and working closer with others in society to help keep people safe.” 

Reasserting the intention of the government, an official told ET, “They don’t or refuse to understand this — we don’t want you to look into the video or the audio or content, just tell us where (it began) or who started it,”

Understanding the concern of national security and integrity, WhatsApp said that it has made essential changes in the product and has addressed misinformation via public education campaigns. Besides that, the company also made necessary alterations like limiting the times a message can be forwarded and letting people exit groups in one tap.

However, the government did not seem to be satisfied with these alterations and has continued to request for traceability.










Facebook says outage was a result of incorrect server configuration

Facebook has said that a "server configuration change" was to blame for the worst outage in its history. Facebook and its apps Instagram, Facebook Messenger and WhatsApp suffered outages for a considerable time on Thursday, affecting users for some 12 hours in most areas of the world, with the biggest impact in North America and Europe, according to the tracking website downdetector.com.

Facebook has only just offered an explanation for the problems it has experienced over the past 24 hours.

The company hasn't elaborated on what the server configuration change exactly meant nor has it said how many users were affected or why the outage took so long to fix. In a tweet, Facebook just apologised and thanked people for their patience. It said it had "triggered a cascading series of issues" for its platforms, including WhatsApp and Instagram.

"Yesterday, as a result of a server configuration change, many people had trouble accessing our apps and services," a Facebook tweet said. "We've now resolved the issues and our systems are recovering. We're very sorry for the inconvenience and appreciate everyone's patience."

The outage was believed to be the worst ever for the internet giant that reaches an estimated 2.7 billion people with its core social network, Instagram and messaging applications. It took the social network giant a full day from when the problems began to offer any explanation. It added that everything was now back to normal.

The outage brought fresh attention to the embattled social networking leader. It is yet another publicity problem for a company already dealing with privacy issues and regulatory probes.

The disruption isn’t likely to hurt advertisers much since they usually pay for ads per click or impression. But they lose potential customers who might have seen their ads when the site and apps were down. Longer term, Facebook’s reputation with advertisers and investors could be damaged, said Wedbush Securities managing director Dan Ives. It didn’t help that it took Facebook so long to explain what was going on, he said. Facebook said on Wednesday that the problem was not related to a “distributed denial of service” or DDoS attack, a type of attack that hackers use to interrupt service to a site, but didn’t provide any other details until Thursday. “In these situations, a lack of transparency is not a good look,” Ives said. “The longer something like this lasts, the more questions there are.”

Whatsapp Asks Apple Users to Beware Of the Touch ID, Face ID Feature




A recently discovered bug in the Touch ID, Face ID feature rolled out on WhatsApp is progressively turning into a grave threat to the iPhone users as it enables anyone to effortlessly sidestep the authentication systems. The support for Touch ID or Face ID to unlock the application is accessible for WhatsApp version 2.19.20 and when enabled correctly, the application requires the user to utilize the Touch ID or Face ID each time they get to access the application.

The Android users are safe, since this specific feature isn't made available for them.

A Reddit user explained in a post with respect to how simple the bypassing of the system is and how nearly anybody can do it. The method fundamentally begins to work when the user gets the choice to unlock the application either immediately or after one moment, after 15 minutes or after an hour and he/she chooses some other option than "Immediately".

It doesn't work in the event that it is set to immediately and this can be changed when "Require Face ID" is enabled from WhatsApp Settings > Account > Privacy > Screen Lock. In the event that the user wishes to sidestep the Touch ID and Face ID feature on the iPhone, they will need to open the iOS Share Sheet on any application and pick WhatsApp.


In the interim, WhatsApp issues an announcement with respect to its awareness with the issue and said that, “We are aware of the issue and a fix will be available shortly. In the meantime, we recommend that people set the screen lock option to immediately,”



Whatsapp Declines to comply with the Government’s Demand



With general elections scheduled to be held one year from now in India, the Indian Government is taking a strict prospect of the utilization of various social media platforms like Facebook, Twitter, and WhatsApp for the spread of prevarication of information.

In the light of the same it had requested from WhatsApp for a solution for track the outset of messages on its platform.

The Facebook owned firm though declined to comply with the government's request saying that the move will undermine the protection and privacy of WhatsApp users.

Sources in the IT Ministry have said that the administration has declared that WhatsApp should keep on exploring the specialized technical advancements whereby if there should be an occurrence of mass circulation of offensive and detestable messages whipping up clashes and delinquency, the outset can be figured out easily.

The ministry is additionally looking for an all the more firm affirmation of the assent with Indian laws from the company, along with the foundation of grievance officer with a wide framework.

Accentuation has been given to the fact that a local corporate entity, subject to Indian laws, ought to be set up by the company in the outlined time period.


Prior this week the WhatsApp Head Chris Daniels got together with the IT Minister Ravi Shankar Prasad for tending issues similar to this one. After the gathering, Mr. Prasad said that the legislature has requested that WhatsApp set up a local corporate entity and uncover a technological solution in order to ascertain the outset of the  phony messages circled through its platform simultaneously commission  a grievance  officer.

 “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks and families. Building traceability would undermine end-to-end encryption and the private nature of WhatsApp, creating potential for serious misuse,” the Facebook-owned firm said on Thursday.

“WhatsApp will not weaken the privacy protections we provide,” a company spokesperson stressed, adding, “Our focus remains working closely with others in India to educate people about misinformation and help keep people safe.”

A month ago, WhatsApp top administrators, including COO Matthew Idema, met IT Secretary and other Indian government authorities to summarize the several different advances being taken by the company on this issue.


WABetaInfo says WhatsApp in Israel now uses Facebook servers

A popular fan website, WABetaInfo, that tracks WhatsApp Beta updates, on Monday tweeted that WhatsApp users in Israel are now connected through Facebook servers.


This news comes amidst the Facebook privacy and data controversy when people online are wary of what using Facebook means for their privacy and security.

WABetaInfo, however, again tweeted to reassure users that the data is still encrypted and that Facebook will only be receiving the metadata.


The website also said that the new update will improve the quality of the connection.

Twitter user and information security researcher, Karine Nahon, however, pointed out that:


Another user said that encryption itself is not a problem, but the fact that dynamic metadata such as last seen, etc. should be deleted after some time.


Still, the website told its readers not to worry and to wait till May to understand what data is being stored in the servers.

WhatsApp has not yet confirmed or denied this update.

A new privacy law — the General Data Protection Regulation (GDPR) — passed by the European Union will come into effect from May 25 this year, which will harmonize internet privacy laws all across Europe.

WhatsApp had last month signed a public commitment with Britain's Information Commissioner's Office (ICO) to not share user’s data with Facebook until the privacy and data security concerns have been addressed.

Information Commissioner Elizabeth Denham in a statement said, "WhatsApp has assured us that no UK user data has ever been shared with Facebook, other than as a 'data processor.’ ”

A New App That Can Help You Spy On Your Contacts via Whatsapp


There is no doubt that WhatsApp is hands down the most used instant messaging service today and there's no messaging app that can match it in terms of users on-board.

But unfortunately, the app has called for a host of hacks that basically allows a person to spy on any of their friends or family via WhatsApp without them having any knowledge of it.

This new creepy app  "Chatwatch"  helps an individual to do  this is by making use of the online or offline status feature of WhatsApp's to tell users how often their friends check the app and also estimates as to when they go to bed every day -- potentially making it an invasive app.

"Find out when they went to bed, how long they slept… Even compare chat patterns between people you know, and we will tell you the probability of them talking to each other during the day, using Artificial Intelligence," Chatwatch notes on its website.

Now what’s more distressing is that all this comes at a time when Facebook users are busy uninstalling apps they got connected with long ago via "Facebook log-in" after the social media platform, which also owns WhatsApp, was hit by a major data breach.

It's a creepy new trick that the app's developers hope will bring more attention to how Facebook handles our data, along with how other companies access and analyse it," tech website LifeHacker reported. "It's also likely that WhatsApp will find a way to block Chatwatch soon. So if you want to spy on your friends expose Facebook's privacy issues, you should try it soon," it added.

Chatwatch generally requires 24 hours before it can generate certain insights but even if you’ve disabled the ‘Last Seen’ feature in your account settings, it’ll still be able to figure out your WhatsApp activity quiet easily.

"Chatwatch" is currently available on Android platform and the developers are reportedly working on a web-based version as well. The app was first launched on iOS devices but it was later taken off from the Apple App Store. For reasons unknown to the website, it further adds that Apple has suspended their app from the app store, but they are working on a web version to launch as soon as possible, and appealing the decision with Apple.



CBI busts child pornography racket internationally operating on WhatsApp

The Central Bureau of Investigation (CBI) on Thursday busted an internationally operating WhatsApp-based child pornography racket, which had 199 members from all over the world.

According to CBI, the racket was being operated from Delhi, Noida, and Uttar Pradesh.

The main WhatsApp group admin and kingpin, Nikhil Verma (20), has been arrested and the police have searched the premises of Verma and four other suspects — Satyendra Chauhan, Nafis Raza, Zahid, and Adarsh — in Delhi, Uttar Pradesh, and Maharashtra.

CBI is investigating whether the videos uploaded on the group were recorded by the admins or were sourced from elsewhere, and whether they were charging money for sharing the clips.

The group (called “KidsXXX”) had 199 members and included nationals from India and various other countries including US, Pakistan, Brazil, Afghanistan, Sri Lanka, Kenya, Nigeria, Mexico, and New Zealand.

After receiving intelligence of the group, CBI tracked the IP addresses of the admins and kept a watch for sometime before carrying out the raids.

CBI has registered a case against the admins and members of the group under section 67-B of the IT Act and law enforcement of other countries involved have also been contacted. Identities of the victims are yet to be confirmed.

Police have seized laptops and hardware of the administrators where child pornographic content was found.

Lebanon Spyware Uncovered, Steals Data through Fake Messaging Apps

Researchers from non-profit campaign group Electronic Frontier Foundation (EFF) and mobile security group Lookout have together uncovered malware that targets individuals such as military personnel, journalists, lawyers, and activists, using fake apps that look like popular messaging apps like WhatsApp and Signal.

The malware, dubbed “Dark Caracal” by the researchers, targets known Android weaknesses and iOS has not been affected by it.

According to their report on Dark Caracal, the malware was traced back to a server in a Lebanese government building — a building belonging to the Lebanese General Security Directorate in Beirut, Lebanon — and seems like the threat could be coming from a nation-state.

“We have identified hundreds of gigabytes of data exfiltrated from thousands of victims, spanning 21+ countries in North America, Europe, the Middle East, and Asia,” the report read.

“This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying because phones are full of so much data about a person’s day-to-day life,” said EFF Director of Cybersecurity Eva Galperin.

Data stolen through the spyware includes documents, call records, audio recordings, secure messaging client content, contact information, text messages, photos, and account data.

According to EFF, WhatsApp or Signal have not been compromised, and Google has confirmed that the infected apps were not downloaded from its Play Store. Instead, the attackers use “spearphishing” to get these fake apps on targets’ phones, which is a phishing attack that specifically targets an individual using information the attacker has on the victim.

“All Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware,” said EFF Staff Technologist Cooper Quintin.

Dark Caracal has reportedly been operating since 2012 but has been unable to track down because of the number of similar attacks happening all over the world that have repeatedly been misattributed to other cybercrime groups.

This research has shed light on how governments and people are able to spy on individuals all over the world.



Skygofree Malware: One of Most Advanced Spyware Ever Seen

Russian cybersecurity lab, Kaspersky, has found out a new advanced Android spyware having “never before seen” features that lets hackers carry out advanced surveillance on Android phones, such as location-based audio recording, WhatsApp message theft, and connecting an infected device to Wi-Fi networks controlled by cybercriminals.

The malware, dubbed as “Skygofree,” was reportedly found on malicious websites in Italy. According to Kaspersky, the malware is most likely an offensive security product sold by an Italy-based IT company that markets various surveillance wares.

More information including, Skygofree's commands, indicators of compromise, domain addresses, and device models targeted, can be found in their blog post on Securelist.

The spyware functions by tricking the “Accessibility” feature present in Android to help users with disabilities access their apps. Using this, the spyware can read the messages displayed on the screen, even those sent by the user.

Skygofree is also capable of taking pictures and video, recording audio and noise according to the location specified by the hacker, record Skype conversations, seizing call records, geolocation data, and other sensitive data.

Kaspersky believes that, just like an earlier hack in 2015 by Hacking Team, an Italy-based spyware developer, Skygofree was also developed by Italians.

Skygofree has allegedly been active since 2014 and has been targeting select individuals, who are all from Italy. The spyware has been undergoing regular development since then and as many as 48 commands were found in the latest version.

France’s data protection authority CNIL gives a sharp warning to WhatsApp ;issues a formal notice

Facebook, when it acquired WhatsApp back in early 2014 said that it won't have the capacity to link the WhatsApp users to their Facebook accounts. In any case, things being what they are, turns out it wasn't so difficult after all. A year ago, the organization changed the WhatsApp terms of services to do just that: link the WhatsApp and Facebook profiles belonging to the same user.

Facebook had allowed many of its users to opt out, yet that wasn't sufficient for the regulators. Germany had even requested Facebook to quit gathering WhatsApp data last September, a similar thing happened in the UK several months later and now fast forward to December 2017; there be yet another European nation issuing similar order.

Facebook's messaging service WhatsApp was given a one-month final proposal by one of Europe's strictest privacy watchdogs, which requested it to quit offering user data to its parent without getting the necessary assent. France's information insurance specialist also known as the data protection authority, CNIL gave quite a cautioning to WhatsApp by issuing a formal notice, scrutinizing it for "inadequate and insufficient" participation and cooperation.

The decision comes a year later after the European Union privacy authorities (security specialists) said that they had "genuine concerns" about the sharing of WhatsApp user data for purposes that were excluded in the terms of conditions and the privacy policy when people had signed up to the service.
However, even after the EU slapped Facebook with a €110 million fine over unlawful WhatsApp information sharing, France says that it has still not collaborated with information security expert CNIL, and could confront another sanction if it doesn't start thinking responsibly inside 30 days. The social network is as yet exchanging Whatsapp information for "business intelligence," it claims, and the only possible way that clients can quit is by uninstalling the application.

It was a French regulator, who saw that WhatsApp was sharing user information like phone numbers to Facebook for "business insight" reasons. When it over and over made a request to take a look at the information being shared, Facebook said that it is put away in the US, and "it considers that it is only subject to the legislation of the country," as per the CNIL. The regulator countered that whenever information is assembled in France, it naturally turns into the authority in charge.

The information exchanges from WhatsApp to Facebook occur to some extent without the users' assent, nor the legitimate interest of WhatsApp, CNIL said.

France says that while the notice was issued to Facebook, it's additionally intended to exhort users that this "gigantic information exchange from WhatsApp to Facebook" was occurring. "The best way to deny the information exchange for 'business insight' purposes is to uninstall the application," it adds. In any case, Facebook guarantees that it will keep on working with the CNIL to ensure that the users comprehend what data it gathers as well as how the data is utilized.

The merging of WhatsApp's data with Facebook was the first step taken by Facebook a year ago towards monetising the stage since the social network's CEO Mark Zuckerberg bought the company for about $22bn in 2014.

WhatsApp for Business: Standalone App Set for Release

It seems like WhatsApp is finally ready to launch its new standalone app for businesses to interact separately on their platform. In an FAQ on its website, it detailed how WhatsApp for Business is going to work and its features. 

The interface of the app remains the same, but the features afforded to businesses differ from the original messaging app. 

To communicate with customers using this new messaging app, businesses will first have to register using their business number, separate from their normal WhatsApp messenger number. Once they are registered, they will have a ‘business account’ which will be marked by a gray question mark symbol beside their name showing that the business has neither been confirmed or verified by WhatsApp.

Once a business confirms their business number, they become a ‘confirmed account’ and a gray tick appears next to their name. A green check-mark means it is a ‘verified account’ used by a business that is authentic and verified by WhatsApp. 

The new app is already live in Play Store but is yet to be released to general public. 

Back in September, WhatsApp announced that it was experimenting and beta-testing ‘WhatsApp Business’ with few pilot-testers. Users may remember communicating with brands like BookMyShow, MakeMyTrip, or Goibibo using the messaging app.


Kshitija Agrawal