New Delhi: If you have received an MP4 video file on WhatsApp from an unknown number, you could be a victim of a new kind of hacking that uses a recently discovered WhatsApp vulnerability to install malicious spyware on phones.
This security vulnerability allowed a remote attacker to target phones by sending a video file in MP4 format.
When notified about the security breach, the Indian Computer Emergency Response Team (CERT) categorised the threat as "High Severity".
Pegasus-like features
Israel-based spyware maker NSO Group was in the spotlight recently for allegedly providing technology [Pegasus spyware] that used WhatsApp's video calling feature to attack users' phones.
A security message notified by WhatsApp's parent company Facebook said, "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."
Identified as CVE-2019-11931, this vulnerability message is similar to the one received by CERT from WhatsApp during the Pegasus snooping case.
According to the communication, this weakness could allow a remote attacker to force "Denial of Services (DoS) and Remote Code Execution (RCE)" which could be used to compromise any device running Android, iOS or Windows.
An attacker could use a person's cell number to send a video file through WhatsApp and install an unwanted program on their phone by exploiting this vulnerability.
This security issue existed in both the individual and business versions of the popular messaging app until updates were rolled out in October this year.
Although the latest security patch from WhatsApp claims to have fixed this problem, WhatsApp and Facebook have not given further details about the extent of possible execution of this exploit.
This comes even as the controversy around WhatsApp snooping refuses to die down, where phones of over a dozen activists, journalists and lawyers were allegedly compromised by Israel-made spyware.
WhatsApp has been under fire for not providing adequate information to Indian authorities about the extent of attacks during the Pegasus breach. The messaging app has sued NSO Group in a US court for violating its terms and conditions.
Government sources had earlier claimed that the information provided by WhatsApp was more of "technical jargon" that didn't give much information about victims and the extent of such attacks. WhatsApp had informed users separately about a possible Pegasus attack on their devices.
Similar to the Pegasus incident, this vulnerability is also being called "a stack-based buffer overflow vulnerability".
According to CERT, "The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious mp4 file on victims system."
Courtesy: www.indiatoday.in
