Picture this: you make a call via WhatsApp on your mobile, and since it’s an encrypted app, you trust it 100%. But the next day, you start to notice strange things going wrong on your phone, and you ask yourself what’s going on.
This is an all too real scenario that has come to light in India and other countries all over the world. It turns out that a simple hack has taken over thousands of phones by maliciously exploiting a vulnerability in WhatsApp’s video-calling feature. WhatsApp is used by over 2 billion people and is supposedly one of the most trusted communications platforms on the market.
The incident is still under investigation, but it is believed that the hack installed invasive spyware, known as Pegasus, that can take control of one’s phone.
Pegasus was developed by the NSO Group, a company dedicated to developing sophisticated malware programs for governments that need to target certain smartphones. According to official explanations, the company only sells its Pegasus software to other governments and State Security Forces to combat crime and terrorism. Pegasus spyware allows its operator to read messages, access mobile content and even activate mobile components such as the camera or microphone in the background. It is a powerful tool that exploits critical vulnerabilities to attack mobiles from a distance.
In this disputed case, the malicious script downloaded and installed the notorious Pegasus software on users’ phones without their knowledge, allowing NSO’s clients to monitor practically all activity on the devices, including their location, camera, microphone and, ironically, decrypted copies of incoming and outgoing communications.
The powerful spyware was able to do so because of gaps in the phones’ operating systems (i.e. Apple’s iOS or the Android operating system).
This is the equivalent of having a secure, electronic sentry system guarding your front door and several guard dogs on alert. But then you find that when you opened your door, an invisible culprit snuck in and gained access to your entire electrical wiring and all your household electronics and appliances in the blink of an eye. In this analogy, it’s essential to know that it’s safe to open your door. However, you also need to ensure that your home’s electrical system is tamper-proof.
The same goes for your business and personal mobile phones. If they’re not thoroughly secured, any of them could allow entry to an expensive hack.
Buffer overflow is probably the best known form of software security vulnerability. A majority of software developers know what a buffer overflow vulnerability is, yet buffer overflows are still quite common. Part of the problem is due to the wide variety of ways buffer overflows can occur, and part is due to the error-prone techniques often used to prevent them.
In principle, the main cause of buffer overflows is the combination of memory manipulation and developers’ mistaken assumptions about the size of buffers. One way to reduce exploitable buffer overflows is to avoid code whose behavior depends on the length of external input, code that does not strictly check the data type of external input, and, in general, highly complex code in which a buffer overflow is harder for developers to detect. A final step that helps is to use “unsafe” languages only when the nature of the application requires it and, when they are used, to use their bounds-safe functions.
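To make the "mistaken assumptions about the size of buffers" concrete, here is an added example (not code from WhatsApp or from any product mentioned here) that puts a copy sized by an untrusted length field next to a version that validates that length first. The 2-byte length-prefixed packet format and the function names `parse_unsafe` and `parse_checked` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAYLOAD_MAX 64 /* capacity of the receiver's fixed buffer */

/* Hypothetical wire format: 2-byte big-endian payload length, then payload. */

/* Unsafe pattern: the copy size comes straight from the untrusted packet.
 * Nothing ties `declared` to the size of `out` or to the bytes received. */
void parse_unsafe(const uint8_t *pkt, uint8_t *out)
{
    size_t declared = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(out, pkt + 2, declared); /* writes past out when declared > PAYLOAD_MAX */
}

/* Hardened form: returns the payload length, or -1 if the packet is rejected. */
int parse_checked(const uint8_t *pkt, size_t pkt_len, uint8_t *out, size_t out_cap)
{
    if (pkt == NULL || out == NULL || pkt_len < 2)
        return -1; /* header itself is missing */
    size_t declared = ((size_t)pkt[0] << 8) | pkt[1];
    if (declared > out_cap)
        return -1; /* would overflow the destination buffer */
    if (declared > pkt_len - 2)
        return -1; /* would read past the bytes actually received */
    memcpy(out, pkt + 2, declared);
    return (int)declared;
}

int main(void)
{
    uint8_t out[PAYLOAD_MAX];
    /* Constructed sample packets, not captured traffic. */
    const uint8_t ok[] = {0x00, 0x03, 'a', 'b', 'c'};
    const uint8_t too_long[] = {0x01, 0x00, 'x'};  /* declares 256 bytes */
    const uint8_t truncated[] = {0x00, 0x10, 'a'}; /* declares 16, carries 1 */
    printf("ok: %d\n", parse_checked(ok, sizeof ok, out, sizeof out));
    printf("too_long: %d\n", parse_checked(too_long, sizeof too_long, out, sizeof out));
    printf("truncated: %d\n", parse_checked(truncated, sizeof truncated, out, sizeof out));
    return 0;
}
```

The checked version compares the declared length against two independent limits, the destination capacity and the bytes actually received, because a length field can be wrong in either direction.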
In general, once Pegasus is downloaded onto the victim’s mobile device, the attackers are able to remotely track the phone’s calls and location, read text messages, access the device’s microphone and camera, and spy on various third-party applications on the user’s phone. Confirmed applications that are susceptible to the spyware include Gmail, Facebook, Skype, WhatsApp, Viber, Facetime, Calendar, Line, Mail.Ru, WeChat, Surespot, Tango and Telegram, as well as others.
However, what’s the silver lining to all this? As powerful as this spyware is, the average person is not likely to be targeted. The primary targets of the attack were political dissidents in the UAE and Israel.
It’s fair to assume that you’re not a person of interest if you are a regular Joe. Unless you’re someone who’s planning a massive attack or a threat to a nation, you have no need to fret.
Project manager at Cubed Mobile, who knows everything about time management and tough deadlines