One of the most advanced mobile spyware on the planet, the WhatsApp exploit installs Pegasus spyware on to Android and iOS devices.
A buffer overflow vulnerability in WhatsApp VOIP stack allows remote attackers to run random code on target phones by sending a specially crafted series of SRTCP packets.
The vulnerability, identified as CVE-2019-3568, can successfully be taken the advantage to install the spyware and steal data from a targeted Android phone or iPhone by making a WhatsApp call, even when the call is not answered yet.
Also, the victim would not be able to find out anything because spyware erases the incoming call information from the logs to perform smoothly
Only a select number of users were targeted by the vulnerability.The spy also allows attackers to access an incredible amount of data from victims smartphones remotely, including their text messages,Voice messages, emails, WhatsApp messages, contact details, calls record, location, microphone, and camera and all without the victims knowledge.
The vulnerability affects all except the latest version of WhatsApp on iOS and Android, meaning the flaw affected all 1.5 billion people using WhatsApp until yesterday when Facebook finally patched the issue.
NOTE: It should be noted that all users on both iOS and Android must update their apps to the latest version of the messaging app as immediately to overcome the issue.