This Week in Data Breaches: WhatsApp Spyware Exploit

From news of a WhatsApp exploit that allowed attackers to install spyware on users’ phones to Microsoft’s “wormable” malware vulnerability, here we round up the latest in data security and privacy news.

WhatsApp Exploit Allowed Attackers to Install Spyware on Phones

WhatsApp confirmed Monday that they discovered and fixed a vulnerability in the company’s app earlier this month that allowed attackers to remotely install spyware on users’ phones. Hackers exploited a bug in the app that allowed callers to install Pegasus, spyware that is often used by countries for surveillance and intelligence purposes, on the receiver's device without their knowledge. WhatsApp has yet to determine how many phones were targeted. Pegasus was developed by the NSO Group, an Israeli technology firm known for its digital surveillance tools.

Spyware is malicious software that gathers information on a target by collecting data from a device, usually used by hackers to steal your identity or governments to surveil your activity. As reported by the Financial Times, “The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs.”

Pegasus is marketed to intelligence agencies, often to regimes in the Middle East, and is capable of listening in on a target using a device’s microphone as well as siphoning off emails, messages, and location data. Intelligence agencies have used Pegasus in the past to target activists and dissidents. WhatsApp rolled out a fix on Monday and recommends that all users update to the latest version of the app as soon as possible.

Microsoft “Wormable” Malware Vulnerability

Yesterday, Microsoft took the unusual step of releasing security updates for older versions of Windows, including Windows XP and 2003, in order to close up a vulnerability that could lead to fast-moving malware similar to the “Wannacry” ransomware attacks in 2017. The vulnerability exists in Windows 7, Windows XP, Windows Server 2008, and Windows 2003.

Microsoft said in a statement, “While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”  It is “wormable” because malware that exploits this vulnerability can quickly spread from computer to computer without users’ knowledge, making it possible for malware to be spread globally and potentially infect hundreds of thousands of systems.

Financial Data Stolen from Some of the World’s Largest Companies

As reported by Motherboard, hackers broke into Citycomp, a digital infrastructure firm, earlier this month and stole financial data from some of the largest companies in the world. Hackers were able to access financial data from Oracle, Volkswagen, Airbus, Toshiba, Leica, UniCredit, British Telecom, Hugo Boss, Porsche, and more. According to a website setup by the hackers, they claim to have stolen “312,570 files in 51,025 folders, over 516GB data financial and private information on all clients.”

Citycomp told Motherboard that the company “has been hacked and blackmailed and the attack is ongoing.” The hackers have demanded $5,000 in ransom for the data. Motherboard reported that the contact information used by the hackers is connected to previous ransomware attacks. “We did not yield to the extortion demands and our analysts are conducting a profound technical and forensic analysis on the attack,” Michael Bartsch, executive director of Deutor Cyber Security Solutions, told Motherboard.

Data Leak Exposed Information of 80 Million American Households

Security researchers found a publicly-accessible database earlier this month that was leaking information on over 80 million American households, including names, addresses, dates of birth, and income. Researchers Noam Rotem and Ran Locar at VPNMentor discovered the database on an unsecured Microsoft cloud server while scanning known IP blocks for potential data leaks as part of web mapping project.

The researchers were unable to determine who the database belonged to, but were eventually able to get it taken offline. Because the data contains values for income, researchers believe that “the database is owned by an insurance, healthcare, or mortgage.” With the database containing information on more than 80 million households, it more than likely exposed information on hundreds of millions of Americans, making it a potential treasure trove for identity thieves.

Want to learn how you can minimize your risk of identity theft? We’ve put together an easy to understand guide on how to protect your identity.

Bloom: Take Back Control of Your Data

At Bloom, we are giving you the tools to take back control of your data. No more centralized data storage. No more selling off your data to the highest bidder. No more risking identity theft. Bloom enables you to own, control, and protect your data using the latest advancements in blockchain technology.

It’s time to take back control of your data and unlock the power of a secure, reusable identity today. Download the Bloom mobile app to build a cryptographically secured identity, sign-up for data breach alerts with Radar, and browse the latest credit offers in the Marketplace!