Instant messaging (IM) platform WhatsApp's new feature, which lets people join a group call after it has already started, presents an increased risk of devices getting infected with a Trojan, which in turn increases the risk of eavesdropping.
“...If a device is infected, it is highly likely that the Trojan will have the ability to record the device microphone and camera – enabling attackers to eavesdrop on any conversations, regardless of the communication channel used, be it an instant messenger or a regular call on a mobile phone,” said Victor Chebyshev, Lead Security Researcher at Kaspersky in a statement on Thursday.
The bottom line for an attacker is that joining a call will be convenient for them if they are a member of a WhatsApp group. “All they have to do is wait until most of the participants have joined and then hope that they can participate unnoticed. The attacker also doesn’t need to sit and wait for the start of the call, as they connect at any time,” Chebyshev added.
It is worth noting that the group administrator can keep track of participants and ensure that outsiders are not joining.
Additionally, WhatsApp promises that the feature is secured with end-to-end encryption.
“Thus, neither the app itself nor the people trying to organize a man-in-the-middle attack, will be able to intercept either group correspondence or calls, including group calls,” Chebyshev further said.
He noted that most of the malicious software to date has focused on intercepting archived WhatsApp messages and online text messages. However, the cybersecurity firm has not yet encountered any interception of calls or even group calls.
Kaspersky's statement comes amid uproar over reports that Israel-based NSO Group's Pegasus software was used to snoop on journalists, human rights activists, and politicians around the world.