Much has been said of late regarding Facebook’s culpability within the vapid vacuum of a mud-pit that is American politics. A more imminent reason for Americans to be wary of their favorite messaging app has recently sprung up on smartphones. In addition to being a tool for spreading the “fake news” & warped political ideologies that fanatics of both sides feel the urge to propagate, WhatsApp (owned by Facebook Inc.) is being used to funnel intrusive and potentially dangerous malware onto unsuspecting user’s devices.
The bug seems to inject a specialized .mp4 file onto a user’s device to attempt to gain access. It’s similar to a threat in India that was dubbed ‘Pegasus’ that allowed hackers to track users’ locations, read sensitive text messages, and even access an infected device’s video cameras. Also injected onto smartphones via WhatsApp, the vulnerability, which was originally developed by an Israeli cyber-arms firm (NSO), spread to at least 45 countries before being patched. It’s even been reported that the vulnerability was weaponized to target journalists and activists.
As always, regions with slower bandwidths tend to have users who don’t update their apps & device firmware as frequently. Even domestic users, with the luxury of reliable broadband (including those fortunate enough to live in 5G roll-out cities), tend to be flippant regarding cyber-security. Many fail to update as aggressively as needed to ensure privacy in a digital wilderness.
Those impacted are any running devices with Android versions prior to 2.19.274 or iOS versions prior to 2.19.100. Users should seek to update immediately to receive WhatsApp’s critical security patches. Subscribers to WhatsApp should reach out to their technical support team should they encounter any challenges in updating.
Facebook will undoubtedly face unprecedented challenges in securing the social network leading up to the 2020 election. As both parties make their cases for their respective soup-du-jour candidates, political rivals both domestic and abroad will continue to develop and refine these high-tech exploits to corrupt the process further. Unfortunately, most of these exploits are detected and patched after the fact. It’s up to individual users to be vigilant as to what data they keep on their devices and staying abreast on updates and critical security alerts from app vendors.
