icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
18 Nov, 2019 10:26

Pegasus returns? WhatsApp users on alert after Facebook warned of ANOTHER vulnerability exploited by hackers

Pegasus returns? WhatsApp users on alert after Facebook warned of ANOTHER vulnerability exploited by hackers

Mark Zuckerberg’s company issued an alert over hackers gaining access to mobile devices via fake WhatsApp calls several months after Pegasus spyware scandal rocked India, leading to a lawsuit against Israeli surveillance firm.

Facebook, which owns WhatsApp messenger, warned several days ago about a system vulnerability that allows hackers to send “a specially crafted MP4 file” to its Android and iOS users.

The bug appears to be similar to the one uncovered this spring, which was used by hackers to infect devices with malware, disguised as ordinary calls. The vulnerability has since been patched up, but the cyberattacks caused a scandal in India because over 20 local lawyers, journalists and human rights campaigners were among the 1,400 users affected by the hacks worldwide.

Also on rt.com ‘Pegasus’ spyware attack: Indian journalists & activists targeted on WhatsApp, lawsuit claims

The hacking tool itself, as it turned out, was ‘Pegasus’ spyware, developed by Israeli surveillance firm NSO Group, which does not disclose its clients, but claims to only sell the product to government agencies. Indian officials denied of having used the software and rejected the allegations of hacking WhatsApp users.

Facebook, meanwhile, sued NSO Group, claiming that the hackers used servers and hosting services “that were previously associated” with the firm. The Israeli company denied any wrongdoing.

Think your friends would be interested? Share this story!