#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Whatsapp | Breaking Cybersecurity News | The Hacker News

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
Jan 20, 2023 Data Protection / Privacy
The Irish Data Protection Commission (DPC) on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in the days leading to the enforcement of the General Data Protection Regulation ( GDPR ) in May 2018, requiring that users agree to the revised terms in order to continue using the service or risk losing access. The complaint, filed by privacy non-profit NOYB, alleged that WhatsApp breached the regulation by compelling its users to "consent to the processing of their personal data for service improvement and security" by "making the accessibility of its services conditional on users accepting the updated Terms of Service." "WhatsApp Ireland is not entitled to rely on the contract legal basis for the delivery of service improvement and security," th

WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship

WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship
Jan 06, 2023 Online Safety / Privacy
Popular instant messaging service WhatsApp has launched support for proxy servers in the latest version of its Android and iOS apps, letting users circumvent government-imposed censorship and internet shutdowns. "Choosing a proxy enables you to connect to WhatsApp through servers set up by volunteers and organizations around the world dedicated to helping people communicate freely," the Meta-owned company  said . Proxies act as an intermediary between end users and the service provider by routing requests originating from a client to the server and forwarding the response back to the device. Users can  access the option  by navigating to Settings > Storage and Data > Proxy > Use Proxy and entering a trusted proxy server address. WhatsApp, which is used by more than two billion users across the world, has also made available a  reference implementation  that can be used to set up a proxy server to help others connect to the service. The company emphasized that

external linkEliminating SaaS Shadow IT is Now Available via a Free Self-Service Product

SaaS
websitewww.wing.securitySaaS Security / Shadow IT
This new product provides IT and Security visibility into the risky SaaS apps employees are using.

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Dec 27, 2022 Data Security / Privacy
Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those used by Cambridge Analytica to access users' personal information without their consent for political advertising. The proposed settlement, first  reported  by Reuters last week, is the latest penalty paid by the company in the wake of a  number  of  privacy   mishaps   through the years . It still requires the approval of a federal judge in the San Francisco division of the U.S. District Court. It's worth noting that Facebook previously sought to  dismiss the lawsuit  in September 2019,  claiming  users have no legitimate privacy interest in any information they make available to their friends on social media. The  data harvesting scandal , which  came  to  light  in March 2018, involved a

Irish Regulator Fines Facebook $277 Million for Leak of Half a Billion Users' Data

Irish Regulator Fines Facebook $277 Million for Leak of Half a Billion Users' Data
Nov 29, 2022
Ireland's Data Protection Commission (DPC) has  levied fines  of €265 million ($277 million) against Meta Platforms for failing to safeguard the personal data of more than half a billion users of its Facebook service, ramping up privacy enforcement against U.S. tech firms. The fines follow an inquiry initiated by the European regulator on April 14, 2021, close on the heels of a leak of a "collated dataset of Facebook personal data that had been made available on the internet." This included the  personal information  associated with 533 million users of the social media platform, such as their phone numbers, dates of birth, locations, email addresses, gender, marital status, account creation date, and other profile details. Meta acknowledged that the information was "old data" that was obtained by malicious actors by taking advantage of a technique called "phone number enumeration" to  scrape users' public profiles . This entailed misusing a t

Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign

Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign
Nov 17, 2022
A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over  42,000 imposter domains , with initial activity observed in 2017. "It targets businesses in multiple verticals including retail, banking, travel, and energy," researchers Emily Dennison and Alana Witten  said . "Promised financial or physical incentives are used to trick victims into further spreading the campaign via WhatsApp." Users clicking on a link sent through the messaging app are directed to an actor-controlled site, which, in turn, sends them to a landing domain impersonating a well-known brand, from where the victims are once again taken to sites distributing fraudulent apps and bogus rewards. These sites prompt the visitors to complete a survey to claim cash prizes, in exchange for which the

Modified WhatsApp App Caught Infecting Android Devices with Malware

Modified WhatsApp App Caught Infecting Android Devices with Malware
Oct 13, 2022
An unofficial version of the popular WhatsApp messaging app called YoWhatsApp has been observed deploying an Android trojan known as Triada. The goal of the malware is to steal the keys that "allow the use of a WhatsApp account  without the app ," Kaspersky  said  in a new report. "If the keys are stolen, a user of a malicious WhatsApp mod can lose control over their account." YoWhatsApp offers the ability for users to lock chats, send messages to unsaved numbers, and customize the app with a variety of theming options. It's also said to share overlaps with other modded WhatsApp clients such as FMWhatsApp and HeyMods. The Russian cybersecurity company said it found the malicious functionality in YoWhatsApp version 2.22.11.75. Typically spread through fraudulent ads on Snaptube and Vidmate, the app, upon installation, requests the victims to grant it permissions to access SMS messages, enabling the malware to enroll them to paid subscriptions without their

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
Sep 28, 2022
WhatsApp has released  security updates  to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns  CVE-2022-36934  (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and WhatsApp Business for Android and iOS prior to versions 2.22.16.12. Also patched by the Meta-owned messaging platform is an integer underflow bug, which refers to an opposite category of errors that occur when the result of an operation is too small for storing the value within the allocated memory space. The high-severity issue, given the CVE identifier  CVE-2022-27492  (CVSS score: 7.8), affects WhatsApp for Android prior to versions 2.22.16.2 and WhatsApp for iOS version 2.22.15.9, and could be triggered upon receiving a specially crafted video file. Exploiting  integer overflows  and 

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Aug 22, 2022
Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The malware, which Doctor Web first came across in July 2022, were discovered in the system partition of at least four different smartphones: P48pro, radmi note 8, Note30u, and Mate40, was "These incidents are united by the fact that the attacked devices were copycats of famous brand-name models," the cybersecurity firm  said  in a report published today. "Moreover, instead of having one of the latest OS versions installed on them with the corresponding information displayed in the device details (for example, Android 10), they had the long outdated 4.4.2 version." Specifically, the tampering concerns two files "/system/lib/libcutils.so" and "/system/lib/libmtd.so" that are modified in such a manner that when the libcutils.so system library is us

Google Removes "App Permissions" List from Play Store for New "Data Safety" Section

Google Removes "App Permissions" List from Play Store for New "Data Safety" Section
Jul 16, 2022
Following the launch of a new "Data safety" section for Android apps on the Play Store, Google appears to be readying to remove the app permissions list from both the mobile app and the web. The change was  highlighted  by Esper's Mishaal Rahman earlier this week. The  Data safety  section, which Google began rolling out in late April 2022, is the company's answer to Apple's Privacy Nutrition Labels in iOS, allowing users to have a unified view of an app's data collection and processing practices. To that end, third-party app developers are required to furnish the required details by July 20, 2022. With this deadline now approaching next week, the tech giant has taken the step of entirely removing the permissions section. The decision also appears to be a hasty one, as a number of popular apps such as Facebook, Messenger, Instagram, WhatsApp, Amazon (including Amazon Prime Video), DuckDuckGo, Discord, and PhonePe are yet to populate their Data safety sec

Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures

Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures
Apr 07, 2022
A threat actor with affiliations to the cyber warfare division of Hamas has been linked to an "elaborate campaign" targeting high-profile Israeli individuals employed in sensitive defense, law enforcement, and emergency services organizations. "The campaign operators use sophisticated social engineering techniques, ultimately aimed to deliver previously undocumented backdoors for Windows and Android devices," cybersecurity company Cybereason  said  in a Wednesday report. "The goal behind the attack was to extract sensitive information from the victims' devices for espionage purposes." The monthslong intrusions, codenamed " Operation Bearded Barbie ," have been attributed to an Arabic-speaking and politically-motivated group called Arid Viper, which operates out of the Middle East and is also known by the monikers APT-C-23 and Desert Falcon. Most recently, the threat actor was  held responsible  for attacks aimed at Palestinian activists

'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks
Mar 28, 2022
The operators of the  Purple Fox malware  have retooled their malware arsenal with a new variant of a remote access trojan called FatalRAT, while also simultaneously upgrading their evasion mechanisms to bypass security software. "Users' machines are targeted via trojanized software packages masquerading as legitimate application installers," Trend Micro researchers  said  in a report published on March 25, 2022. "The installers are actively distributed online to trick users and increase the overall botnet infrastructure." The findings follow  prior research  from Minerva Labs that shed light on a similar modus operandi of leveraging fraudulent Telegram applications to distribute the backdoor. Other disguised software installers include WhatsApp, Adobe Flash Player, and Google Chrome. These packages act as a first-stage loader, triggering an infection sequence that leads to the deployment of a second-stage payload from a remote server and culminating in the

Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018

Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018
Mar 16, 2022
The Irish Data Protection Commission (DPC) on Tuesday slapped Facebook and WhatsApp owner Meta Platforms a fine of €17 million (~$18.6 million) for a series of security lapses that occurred in violation of the European Union's  GDPR laws  in the region. "The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users' data, in the context of the twelve personal data breaches," the watchdog  said  in a press release. The decision follows the regulator's investigation into 12  data   breach   notifications  it received over the course of a six-month period between June 7 and December 4, 2018. "This fine is about record keeping practices from 2018 that we have since updated, not a failure to protect people's information," Meta  said  in a statement shared with the Associated Press. "

Here's How to Find if WhatsApp Web Code on Your Browser Has Been Hacked

Here's How to Find if WhatsApp Web Code on Your Browser Has Been Hacked
Mar 11, 2022
Meta Platforms' WhatsApp and Cloudflare have banded together for a new initiative called Code Verify to validate the authenticity of the messaging service's web app on desktop computers. Available in the form of a Chrome and Edge  browser extension , the  open-source add-on  is designed to "automatically verif[y] the authenticity of the WhatsApp Web code being served to your browser," Facebook  said  in a statement. The goal with Code Verify is to confirm the integrity of the web application and ensure that it hasn't been tampered with to inject malicious code. The social media company is also planning to release Firefox and Safari plugins to achieve the same level of security across browsers. The system works with Cloudflare acting as a third-party audit to compare the cryptographic hash of WhatsApp Web's JavaScript code that's shared by Meta with that of a locally computed hash of the code running on the browser client. Code Verify is also meant t

Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO

Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO
Jan 11, 2022
Moxie Marlinspike, the founder of the popular encrypted instant messaging service Signal, has announced that he is stepping down as the chief executive of the non-profit in a move that has been underway over the last few months. "In other words, after a decade or more, it's difficult to overstate how important Signal is to me, but I now feel very comfortable replacing myself as CEO based on the team we have, and also believe that it is an important step for expanding on Signal's success," Marlinspike  said  in a blog post on Monday. Executive chairman and WhatsApp co-founder Brian Acton, who famously urged users to #DeleteFacebook in March 2018 and founded the Signal Foundation along with Marlinspike after he walked away from the social media giant in 2017 over a conflict with Facebook's plans to monetize WhatsApp, will serve as the interim CEO while the search for a replacement is on. Founded in July 2014, Signal has more than 40 million monthly users, in

Meta Sues Hackers Behind Facebook, WhatsApp and Instagram Phishing Attacks

Meta Sues Hackers Behind Facebook, WhatsApp and Instagram Phishing Attacks
Dec 21, 2021
Facebook's parent company Meta Platforms on Monday said it has filed a federal lawsuit in the U.S. state of California against bad actors who operated more than 39,000 phishing websites that impersonated its digital properties to mislead unsuspecting users into divulging their login credentials. The social engineering scheme involved the creation of rogue webpages that masqueraded as the login pages of Facebook, Messenger, Instagram, and WhatsApp, on which victims were prompted to enter their usernames and passwords that were then harvested by the defendants. The tech giant is also seeking $500,000 from the anonymous actors. The attacks were carried out using a relay service, Ngrok , that redirected internet traffic to the phishing websites in a manner that concealed the true location of the fraudulent infrastructure. Meta said the volume of these phishing attacks ramped up in volume since March 2021 and that it worked with the relay service to suspend thousands of URLs to the

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
Sep 11, 2021
WhatsApp on Friday  announced  it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. The optional feature, which will go live to all of its two billion users in the coming weeks, is expected to only work on the primary devices tied to their accounts, and not companion devices such as desktops or laptops that simply mirror the content of WhatsApp on the phones. The development marks an escalation in the growing tussle over encryption technology and meeting law enforcement needs, wherein privacy-preserving technologies have created impenetrable barriers to comply with legal demands to access vast swathes of digital information stored on smartphones and the cloud — a phenomenon referred to as the "going dark" problem. While the Facebook-owned messaging platform flipped the switch on end-

WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers

WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers
Sep 02, 2021
A now-patched high-severity security vulnerability in WhatApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory. Tracked as  CVE-2020-1910  (CVSS score: 7.8), the flaw concerns an out-of-bounds read/write and stems from applying specific image filters to a rogue image and sending the altered image to an unwitting recipient, thereby enabling an attacker to access valuable data stored the app's memory. "A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially-crafted image and sent the resulting image," WhatsApp  noted  in its advisory published in February 2021. Cybersecurity firm Check Point Research, which disclosed the issue to the Facebook-owned platform on November 10, 2020, said it was able to

WhatsApp Sues Indian Government Over New Internet Regulations

WhatsApp Sues Indian Government Over New Internet Regulations
May 26, 2021
WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the "first originator" of messages shared on the platform, thus effectively breaking encryption protections. "Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people's right to privacy," a WhatsApp spokesperson told The Hacker News via email. "We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users." With over 530 million active users, India is WhatsApp's biggest market by users.  The lawsuit, filed by the Facebook-owned messaging service in the Delhi High Court, seeks to bar new internet rules that come into force effective May 26. Called the Intermediary Guide

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy
May 08, 2021
WhatsApp on Friday disclosed that it won't deactivate accounts of users who don't accept its  new privacy policy  rolling out on May 15, adding it will continue to keep reminding them to accept the new terms. "No one will have their accounts deleted or lose functionality of WhatsApp on May 15 because of this update," the Facebook-owned messaging service  said  in a statement. The move marks a turnaround from its previous stance earlier this year when the company outlined plans to make the accounts completely inaccessible should users choose not to comply with the data-sharing agreement and opt not to have their WhatsApp account information shared with Facebook. "If you haven't accepted by [May 15], WhatsApp will not delete your account. However, you won't have full functionality of WhatsApp until you accept," the company had  previously said . "For a short time, you'll be able to receive calls and notifications, but won't be able to

New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely

New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely
Apr 14, 2021
Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what's known as a "man-in-the-disk" attack that makes it possible for adversaries to compromise an app by manipulating certain data being exchanged between it and the external storage. "The two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions," researchers from Census Labs  said  today.  "With the TLS secrets at hand, we will demonstrate how a man-in-the-middle (MitM) attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys u
More Resources