A few days after it was reported that Amazon CEO Jeff Bezos’ iPhone was hacked through WhatsApp, the app’s parent company Facebook has blamed potential vulnerabilities in Apple’s smartphone operating system, iOS, for the incident. Two executives from the Menlo Park-based company said that WhatsApp's end-to-end encryption is unhackable. Investigators believe that Bezos's phone was compromised after he received a video containing malware via WhatsApp. This 4.4MB video file was sent to him by the crown prince of Saudi Arabia, Mohammed bin Salman, who is popularly known as MbS.
‘One of the things that it highlights is actually some of the potential underlying vulnerabilities that exist on the actual operating systems on phones,’ Facebook Vice President Nicola Mendelsohn told Bloomberg Television in an interview at the World Economic Forum in Davos, Switzerland. She stated that Facebook takes allegations that WhatsApp was used for hacking very seriously. ‘It can’t have been, it can’t have been anything on the, when the message was sent in transit, because that’s end-to-end encrypted on WhatsApp...I suspect it must have been something like that, so something would have affected the phone operating system,’ she added.
Her comments came after Facebook's Vice President of Global Affairs & Communications, Nick Clegg, told the BBC that the hacking wasn't WhatsApp's fault because end-to-end encryption is unhackable. ‘It sounds like something on the... you know, what they call the operate, operated on the phone itself. It can't have been anything, when the message was sent, in transit, because that's end-to-end encrypted on WhatsApp,’ Clegg said.
How vulnerable are you?
Now the question arises: if one of the richest men in the world could get hacked, how safe or vulnerable is the general public? Before we answer that, let’s get to the nitty-gritty of what happened in Bezos’ case.
Last week, the media reported that MbS shared an encrypted and allegedly malicious video file with Bezos through WhatsApp on May 1, 2018. FTI Consulting, a firm that has investigated Bezos' phone, said that its investigators saw a 29,000 per cent spike in traffic sent from the device after the video was downloaded on the phone. About 6GB of data was compromised over a period of a few weeks. Reportedly, prior to the infection, Amazon's CEO had an average of 430KB/day egress data, but after the hack the executive’s iPhone had 101MB/day in egress data. This suggests that the data was under surveillance.
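The egress comparison described above can be written as a baseline check over daily totals. This is an added example, not code from FTI Consulting or from the original article; the daily figures are constructed around the reported 430KB/day and 101MB/day averages, and the function name, seven-day window, 20x multiplier and three-day persistence rule are assumptions.

```python
from statistics import mean, median

KB, MB = 1_000, 1_000_000

# Constructed daily egress totals in bytes (not taken from the forensic report):
# a quiet baseline near 430 KB/day, one isolated 47 MB day, then a sustained
# shift to roughly 101 MB/day.
DAILY_EGRESS = [k * KB for k in (410, 455, 430, 390, 445, 440, 425, 460)] \
    + [47 * MB, 415 * KB, 435 * KB] \
    + [98 * MB, 104 * MB, 101 * MB, 99_500 * KB, 102_500 * KB]


def find_egress_shift(daily, window=7, factor=20, sustain=3):
    """Return (day_index, baseline_bytes, pct_increase) for the first day that
    starts `sustain` consecutive days above factor x the trailing median,
    or None if no such run exists."""
    for i in range(window, len(daily) - sustain + 1):
        # Median of the preceding window: a single large day barely moves it.
        baseline = median(daily[i - window:i])
        if baseline <= 0:
            continue
        run = daily[i:i + sustain]
        # Requiring the whole run to exceed the threshold ignores one-off
        # bursts such as a single large upload.
        if all(day > factor * baseline for day in run):
            pct = round((mean(run) - baseline) / baseline * 100)
            return i, baseline, pct
    return None


if __name__ == "__main__":
    hit = find_egress_shift(DAILY_EGRESS)
    if hit:
        day, baseline, pct = hit
        print(f"sustained shift from day {day}: "
              f"baseline {baseline / KB:.0f} KB/day, +{pct}% over the run")
```

The isolated 47 MB day is not flagged because the two days after it return to the baseline; only the sustained run is reported.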
Investigators also believe that Bezos's iPhone was hacked after he downloaded the 4.4MB video file that was sent to him by MbS. This style of hacking is similar to the one done last year where the phones of 1,400 select journalists and human rights activists were compromised by Pegasus, a spyware developed by Israel-based NSO Group. The group ties up with governments, which use the technology to fight terrorism and crime. A report in The Financial Times had said that the company has Middle Eastern and Western countries as its customers.
Last year, WhatsApp had confirmed a ‘critical vulnerability’ in both Android/iOS WhatsApp versions that lets hackers send a specially crafted MP4 file to a WhatsApp user and ‘trigger the stack-based buffer overflow to perform remote code execution and DoS Attack.’ In easier terms, this means that hackers can deploy the malware via a ‘specially crafted’ MP4 file on a user’s device to steal sensitive files and keep the device under surveillance.
Such an infected file can be sent to anyone, and the spyware/malware in the file will be active after the user downloads it. The user won’t be able to identify if his/her phone is compromised. The best way to keep yourself safe is to avoid downloading/opening video files from unknown numbers. Further, you need to keep updating your app so that any loopholes or vulnerabilities are mitigated before cyber criminals use them to compromise your devices.