One minute read. Written by Samya Singh, a grade 8 student

There’s been a security breach in WhatsApp and many people’s phones have been targeted around the world, including in India.

What happened?

In May 2019, the Facebook owned mobile messaging application, WhatsApp, detected an attack. It was found out that the NSO group, an Isreali cyber-security firm, took advantage of a “buffer overflow vulnerability in WhatsApp VOIP (Voice over Internet Protocol) stack” to send its Pegasus malware to the target devices, even without the users answering the calls they received.

What is Voice over Internet Protocol, or VoIP?

Voice over Internet Protocol, or VoIP, is a type of hardware (the mechanical, magnetic, electronic, and electrical devices which include a computer system, like the CPU (Central Processing Unit), keyboard, or screen) and software (the programs used to direct the operation of a computer, as well as documentation giving instructions on how to use them) that allows people to use the Internet as a form of communication for phone calls.

So, how did NSO insert the malware into accounts?

The NSO created many WhatsApp accounts using phone numbers of various countries that include Brazil, Cyprus, Israel, Indonesia, the Netherlands and Sweden. Then they hired servers and internet hosting services in different countries, like the United States, so that they could connect the devices that they aimed on to a network of distant servers which were supposed to distribute malware (virus) and broadcast commands to the devices that they targeted.

Who were the targets?

WhatsApp said that around 1,400 WhatsApp users were targeted and attacked by the Pegasus malware (virus). Indians whose phones were attacked include Priyanka Gandhi Vadra, Congress General Secretary, Shubhranshu Choudhary, Former BBC Journalist and Ashish Gupta, Delhi-Based PUCL Activist.