Popular messaging service WhatsApp discovered a serious security flaw that allowed hackers access to individuals’ devices, and victims might never know they were infected.
According to a report from the Financial Times, the company says that the attack, which was first spotted earlier this month, affected a “select” group of users and is the result of action from “an advanced cyber actor.” The spyware was reportedly developed by the Israeli cyber intelligence company NSO Group.
The spyware has the ability to give hackers full access to a phone remotely, allowing them to read messages, see contacts, and activate the camera. The attack involved attackers using WhatsApp’s voice calling function to call a device. The surveillance software would then be installed, even if the call was not picked up. Additionally, the victim would not be able to find out about the intrusion afterward, as the spyware erases the incoming call information from the logs.
Now, a new report from Vice takes a look at how simply the malware works, and how users would probably never know that malware was installed on their device.
Unlike many mobile attacks, potential victims of the NSO Group’s spyware aren’t required to install or click on anything — they may not even be aware something malicious has taken place. In fact, it’s near-impossible to detect whether one’s iPhone has ever been infected by any malware.
“As of today, there is no specific tool that an iPhone user can download to analyze their phone and figure out if it has been compromised,” reads the Vice report. “In 2016, Apple took down an app made by Esser that was specifically designed to detect malicious jailbreaks. Moreover, iOS is so locked down that without hacking or jailbreaking it first, even a talented security researcher can do very little analysis on it. That is why security researchers crave expensive iPhone prototypes that have security features disabled, as a Motherboard investigation revealed earlier this year.”
Various security researchers quoted in the report agree that the iPhone is too locked down for its own good.
“These security controls have made mobile devices extremely difficult to inspect, especially remotely, and particularly for those of us working in human rights organizations lacking access to adequate forensics technology,” said Claudio Guarnieri, a technologist at Amnesty International. “Because of this, we are rarely able to confirm infections of those who we even already suspect being targeted. Quite frankly, we are on the losing side of a disheartening asymmetry of capabilities that favors attackers over us, defenders.”
An anonymous security expert claimed that iOS is a “bug-rich environment,” and that Apple’s security strategy only works against “hobbyist attackers” but is “quite counterproductive against professional attackers.”
“Of all the mainstream operating systems kernels, you compare the Windows kernel to the Linux kernel to the OSX kernel and iOS kernel, iOS and OSX kernel is routinely the one with more disastrous bugs,” the security researcher said.