What'sApp zero day discovered in the wild - Buffer overflow allows attacker to take control of phone

R0binHood

Habitué
Joined
Nov 23, 2011
Messages
1,490
A completely silent attack that doesn't even require the recipient to have to click a link was discovered.

It's thought that it was released by Israeli spyware firm NSO group as a part of their Pegasus surveilance package

Pegasus, once installed on a victim's device, can record phone calls, open messages, activate the phone’s camera and microphone for further surveillance, and relay back location data.

https://www.theregister.co.uk/2019/05/14/whatsapp_zero_day/
 

MagicalAzareal

Magical Developer
Joined
Apr 25, 2019
Messages
758
Buffer overflow in 2019? Oh my, Facebook has been careless.

They really should be writing these apps in some sort of managed language, if possible.
 

mysiteguy

Migration Expert
Joined
Feb 20, 2007
Messages
3,172
Buffer overflow in 2019? Oh my, Facebook has been careless.

They really should be writing these apps in some sort of managed language, if possible.

They might be, sometimes the underlying language's code has bugs which might cause a buffer overflow.
 

MagicalAzareal

Magical Developer
Joined
Apr 25, 2019
Messages
758
They might be, sometimes the underlying language's code has bugs which might cause a buffer overflow.
If that was the case, I would assume it would say bug in Java or .NET or w/e rather than specifically Whatsapp and only Whatsapp.
 

Tracy Perry

Opinionated asshat
Joined
May 25, 2013
Messages
5,010
Most people using it wouldn't know Java or .NET if it bit them in the ass. They would know Whatsapp.
 
Top