Keep Calm and Update Whatsapp
By MYBRANDBOOK
WHAT HAS HAPPENED, and WHY IS IT A BIG DEAL?
NSO group, a secretive Israeli company has been marketing a vulnerability called a ‘Zero Click Zero Day’ vulnerability in Whatsapp for about a year to surveillance agencies and governments. This type of vulnerability is one where the maker of the app itself, in this case, Whatsapp itself was not aware that a vulnerability existed, and so a Zero Day. ‘Zero Click’ because the targeted user does not need to click on anything, or open anything, it happens silently in the background.
STATEMENT FROM OUR SUBJECT MATTER EXPERT: Ankush Johar, Director at HumanFirewall, an award-winning security awareness and end-to-end remediation platform that transforms human behaviour.
“This type of vulnerability is lethal, because ‘Zero Click Zero Day’ type vulnerabilities mean that the attacker is able to infect your phone without you taking any action whatsoever. Just a phone call on WhatsApp and your phone gets infected. It is that lethal.”
“It is yet unclear whether this infection can spread from WhatsApp to the entire device yet, but Whatsapp data itself including calls and messages definitely are. Also, it is not known yet if updating to the latest build removes the infection from an already infected device.”
“It is a big deal because such vulnerabilities are extremely dangerous and can hurt free speech activists, lawyers, critical agencies’ employees, journalists, human rights defenders among others. They think that their conversations are encrypted end-to-end and cannot be intercepted, but with this vulnerability, they can!”
WHY KEEP CALM?
Such vulnerabilities carry multi-million dollar price tags, and unless your conversations are meant to be ultra confidential, and you are involved in handling highly sensitive matters, you are unlikely to have been targeted. This does not mean that you have not been targeted.
For users handling sensitive matters, we recommend that you do a fresh install of Whatsapp, and start afresh, i.e no reloading of backed up data. The infection may get reloaded from the backup data as well.
“The only solution from a consumer perspective lies in becoming suspicious by nature and be always vigilant of such mishaps. Diligently following some good practices mentioned below can always help you safeguard and be in a much secure place” says Ankush Johar, Director at HumanFirewall, an information security platform aimed at altering one’s psychology through simulated attacks and effective training.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
HP INDIA SALES PVT. LTD.
TALLY SOLUTIONS PVT. LTD.
POLYCAB INDIA PVT. LTD.
ATRIE TECHNOLOGY PVT. LTD.
Technology Icons Of India 2023: Debjani Ghosh
Debjani Ghosh is the first woman president of NASSCOM (the umbrella bo...
Technology Icons Of India 2023: Girish Mathrubootham
Girsh Mathrubootham envisioned and co-founded Freshworks. Freshworks, ...
Technology Icons Of India 2023: Shailender Kumar
Shailender Kumar is senior vice president and regional managing direct...
CSCs enabling rural India digitally empowered
Common service centres (CSCs) are digital access points under the Digi...
New defence PSUs will help India become self-reliant
MIL, India’s biggest manufacturer and market leader is engaged in Pr...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...
WPG C&C COMPUTERS & PERIPHERALS PVT. LTD.
WPG C&C Computers & Peripherals (India) was incorporated in 2008 and ...