What'sApp zero day discovered in the wild - Buffer overflow allows attacker to take control of phone

Discussion in 'Site Security & Legal Issues' started by R0binHood, May 14, 2019.

  1. R0binHood

    R0binHood Habitué

    1,220
    432
    +950
    A completely silent attack that doesn't even require the recipient to have to click a link was discovered.

    It's thought that it was released by Israeli spyware firm NSO group as a part of their Pegasus surveilance package

    Pegasus, once installed on a victim's device, can record phone calls, open messages, activate the phone’s camera and microphone for further surveillance, and relay back location data.

    https://www.theregister.co.uk/2019/05/14/whatsapp_zero_day/
     
    • Informative! Informative! x 1
    • List
  2. MagicalAzareal

    MagicalAzareal Magical Developer

    271
    70
    +129
    Buffer overflow in 2019? Oh my, Facebook has been careless.

    They really should be writing these apps in some sort of managed language, if possible.
     
  3. mysiteguy

    mysiteguy Devotee

    2,874
    887
    +2,217
    They might be, sometimes the underlying language's code has bugs which might cause a buffer overflow.
     
  4. MagicalAzareal

    MagicalAzareal Magical Developer

    271
    70
    +129
    If that was the case, I would assume it would say bug in Java or .NET or w/e rather than specifically Whatsapp and only Whatsapp.
     
  5. Tracy Perry

    Tracy Perry Opinionated asshat

    4,986
    552
    +3,585
    Most people using it wouldn't know Java or .NET if it bit them in the ass. They would know Whatsapp.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.