Kaspersky, Telecom News, ET Telecom | #cybersecurity | #cyberattack

NEW DELHI: Instant messaging (IM) platform WhatsApp’s new ability to enable people to join a group call after it has already been started presents an increased risk of devices getting infected with trojan which will increase the risk of eavesdropping.

“…If a device is infected, it is highly likely that the Trojan will have the ability to record the device microphone and camera – enabling attackers to eavesdrop on any conversations, regardless of the communication channel used, be it an instant messenger or a regular call on a mobile phone,” said Victor Chebyshev, Lead Security Researcher at Kaspersky in a statement on Thursday.

The bottom line for an attacker is that joining a call will be convenient for them if they are a member of a WhatsApp group.

“All they have to do is wait until most of the participants have joined and then hope that they can participate unnoticed. The attacker also doesn’t need to sit and wait for the start of the call, as they connect at any time,” Chebyshev added.

It is worth noting that the group administrator can keep track of participants and ensure that outsiders are not joining.

Additionally, WhatsApp promises that the feature is secured with end-to-end encryption.

“Thus, neither the app itself nor the people trying to organize a man-in-the-middle attack, will be able to intercept either group correspondence or calls, including group calls,” Chebyshev further said.

He noted that most of the malicious software to date has focused on intercepting archived WhatsApp messages and online text messages.

However, the cybersecurity firm has not yet encountered any interception of calls or even group calls.

Kaspersky’s statement comes amid uproar against Israel-based NSO Group’s Pegasus software being reportedly used for snooping against journalists, human rights activists, and politicians in India and abroad.

An NSO Group spokesperson in a strongly worded statement termed the campaign as ‘vicious and slanderous’ and added that it will not respond to any further media inquiries while the Central government has vehemently denied the allegations.

WhatsApp had previously filed a lawsuit in the United States against NSO alleging that the company is using the messaging platform for cyber espionage.

Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

seventy four − 66 =