Showing posts with label Hackers. Show all posts

Wednesday, May 22, 2019

WhatsApp Announces Fix for Spyware Vulnerability

Facebook-owned WhatsApp, the international OTT messaging and voice-calling platform, said on Monday that it had released a patch to fix a vulnerability in its system that could allow hackers to implant spyware in mobile phones remotely, just by placing a call to the phone, even if that call is missed. The move came after reports that such a security breach did occur.

The Financial Times identified the entity that caused the breach as NSO Group, an Israeli company that designs spyware. The newspaper stated that the targets of the attack included a London-based lawyer who is an adviser on a case that accuses NSO of providing the functionality to spy on a Saudi dissident, a citizen of Qatar and a group of Mexican journalists and activists.

It is not clear to what extent the remote implantation of the software allowed for actual access to private data, since WhatsApp released the patch very quickly. According to news reports, NSO denied the accusation and stated that it “would not or could not use its technology in its own right to target any person or organization, including this individual,” referring to the London lawyer, whose name has not been published in connection with this incident. NSO further said that its technology is licensed to governments “for the sole purpose of fighting crime and terror” and that NSO has no role in deciding how and against whom those governments use it.

In addition to fixing the vulnerability, WhatsApp said it urges users to update to the latest version of the app, “out of an abundance of caution.”


WhatsApp is used by some 1.5 billion people around the world, so the potential for harm is obviously very great if weaknesses such as this one occur, and even greater if they go undetected for longer periods than this one. WhatsApp has proudly advertised its end-to-end encryption, so it probably comes as a big surprise for most users that this attack was even possible. The nature of the vulnerability, according to reports, was a buffer overflow, in which more data is written to a temporary storage location (a buffer) than it can hold, so that the excess overwrites adjacent memory. The malware or spyware injects code that causes a buffer overflow, and then exploits the data that is moved out of the encrypted area.

We think mobile operators should be aggressively using this story in their marketing campaigns. WhatsApp has long been eating into their core businesses, first with text messages and now with VoIP calling and enhanced messaging to send video and documents. Now that a frightening vulnerability to invasions of privacy has been discovered, MNOs could benefit from reminding their customers and potential customers that cellular mobile telephony is still the safest option, and to beware of promises about encryption by OTT players.

Of course, the networks of mobile operators are by no means perfect; they, too, could be breached by sophisticated software. However, at the very least, the relatively local nature of a mobile network provides some assurance that global bad actors will not target them but instead go after an OTT that is more or less present everywhere. It is, of course, also important for MNOs to keep on top of network security, and they are well advised to do so and advertise that fact. An invidious comparison with WhatsApp, at least at the present moment, will likely be very effective in terms of public relations. Today, WhatsApp says it has fixed the breach; tomorrow, however, others may be discovered and exploited.

Tarifica’s products and services are powered by large-scale data from the global telecom industry and a deep level of expertise gained from our singular focus. We leverage these core attributes to help our clients understand their markets and answer their most challenging questions. Our team of analysts, software engineers and data scientists deliver real-time dynamic solutions for the telecom industry. Our software and state of the art data extraction techniques enable our clients to make smart decisions in real-time based on insightful, actionable data.
We are the telecom plan & pricing experts.

If you have any questions about this article, feel free to contact our Editor-in-Chief, John Dorfman, at jdorfman@tarifica.com.

To learn more about Tarifica, please visit www.tarifica.com 

Monday, November 7, 2016

IoT Devices Used in Attack on U.S. Internet


The hackers who launched a distributed denial of service attack against the DNS provider Dyn late last week used hundreds of thousands of connected devices such as baby monitors and home security cameras to infiltrate the networks. Dyn’s clients, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times, experienced internet service disruptions.


Security experts have been warning for a while now that IoT connected devices can be infected with malware in order to cause disruptions of service across the internet. The gigantic, rapid growth of the IoT sector promises revenue to operators as well as device manufacturers, but this incident is a sobering reminder that humble connected devices used by unwitting consumers can provide easy entrance points to national and global networks. The IoT is an essential component of the worldwide telecommunications economy, but at present it appears to be an Achilles heel that needs tighter security. 



