An informant revealed how nasty spyware used in the gap WhatsApp enables governments to secretly access everything on your smartphone, from text messages to the microphone and cameras.
For most of us, it's hard to know if our phone has been infected with spyware.
"Malicious really sophisticated materials and was designed to be very light and not very observable by the user," he said John Scott-Railton, Principal investigator of the Citizen Lab at the Munk School of the University of Toronto.
The Citizen Lab is a group of academic research that has been credited as the first to identify an application especially malicious spy named "Pegasus«.
Pegasus was created by the NSO Group, an Israeli software company that sells products to governments.
If your phone is infected with Pegasus, it is almost impossible to know, and why it is so dangerous. That's why a massive security failure in the messaging service WhatsApp, owned by Facebook, revealed this week, allowed hackers to install Pegasus on target phone simply calling them.
What happened with WhatsApp?
Monday, WhatsApp released a software update for its more than 1,500 million users.
The aim of the update was to repair a massive security breach in which hackers They could infect phones simply calling them through WhatsApp.
No need to accept the call, and call logs could even remotely be erased after the fact, as if the thieves had broken almost on your phone, had taken what they wanted and had left no trace.
"The way of thinking about this is like using WhatsApp as a vector," he said Scott-Railton. "If indeed it is the NSO, your job is to find new vectors to offer its customers access to telephones. And WhatsApp is just another in the list. "
In short: WhatsApp security failure was a new way for hackers infect the smartphones with malicious software.
WhatsApp security hole arranged her, but not before at least one victim was affected target: A human rights lawyer unidentified based in the UK.
What is Pegasus?
What does the Pegasus is actually relatively simple: Once your smartphone is infected with Pegasus, the application provides full access to remotely and discreetly.
This includes text messages as well as camera and microphone of your smartphone. Spyware was created by an Israeli company, the NSO Group, it's nothing new.
Pegasus was first discovered in 2016, If your phone is infected with spyware as Pegasus, probably will not overheat or break suddenly during the life of the battery. If that were the case, "then the people who did it has not done his job well," he said Scott-Railton.
In fact, if you're not an investigator cybersecurity, it is almost impossible to know.
"It's quite complicated because the software is designed to be hard to find," he said Scott-Railton. "What we did first was to capture network traffic entering the phone after clicking on link, and that gave us the source of infection."
Unless you are monitoring network traffic entering your smartphone and be smart enough to know what kind of network traffic could prove malicious behavior, it is unlikely to detect spyware as Pegasus running on your device.
What can you do?
First, you must update WhatsApp to seal this security hole.
"We are reasonably satisfied to have seen an attempt to block WhatsApp infection," he said Scott-Railton.
He also encouraged people not to lose faith in encrypted messaging applications like WhatsApp simply by a single security breach. "Users should not lose confidence in encrypted messaging at all," he said. "The encrypted messaging is important."
Beyond that, there is little you can do outside renounce all smartphones.
Scott-Railton He gave a final warning: "Readers should worry that companies have to find, store and sell these really powerful vulnerabilities that make us all less safe."
Deepin In Spanish It is our community