WhatsApp recently confirmed that a dangerous voice call exploit allowed malicious parties to load NSO Group’s Pegasus spyware onto Android and iOS devices.
The exploit allows hackers to install spyware on a person’s phone through an infected WhatsApp voice call, even if they do not answer the call.
“A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number,” Facebook said.
The Pegasus spyware allows hackers to delete calls from logs, access users’ cameras and microphones, and uncover their location and messaging information.
WhatsApp fixed the issue on its servers on 10 May and launched an update on 13 May to secure the vulnerability in its smartphone applications.
The company urged users to upgrade to the latest version of our app and keep their mobile operating system up to date to protect against potential targeted exploits.
See details at mybroadband.co.za/news/securit…