Major Security Flaws Found In Signal And other Video Chat Apps

As reported by TechRadar, vulnerabilities found in Signal, Google Duo, Facebook Messenger, and other messaging apps allowed attackers to listen in on users without their permission, security experts have warned.

“On January 29, 2019, a serious vulnerability was discovered in Group FaceTime which allowed an attacker to call a target and force the call to connect without user interaction from the target, allowing the attacker to listen to the target’s surroundings without their knowledge or consent,” Natalie Silvanovich, a security engineer at Google’s Project Zero, wrote.

Following the discovery of the FaceTime vulnerability, Project Zero found similar flaws affecting Signal, Google Duo, Facebook Messenger, JioChat, and Mocha. No issues were found in the Telegram or Viber apps after they were also investigated. The security flaws, which required little technical skill to exploit, have all since been patched.

Experts Comments

January 21, 2021
Jake Moore
Cybersecurity Specialist
ESET

Google’s Project Zero research team do a magnanimous job in keeping possible threats from hitting our phones. Vulnerabilities that can occur without even requesting that the victim touch their device have the capability of causing havoc around the world, so it is vital that teams such as this continue to test and patch any zero-day threats they uncover. These threats are usually patched very quickly. Plus, Signal is open source which makes it easier to patch and keeps costs down.

 

In recent

.....Read More

Google’s Project Zero research team do a magnanimous job in keeping possible threats from hitting our phones. Vulnerabilities that can occur without even requesting that the victim touch their device have the capability of causing havoc around the world, so it is vital that teams such as this continue to test and patch any zero-day threats they uncover. These threats are usually patched very quickly. Plus, Signal is open source which makes it easier to patch and keeps costs down.

 

In recent years we have seen problems arise from similar zero-click threats such as the infamous Pegasus spyware, but luckily for us this spyware and the threats uncovered by the Project Zero team have all since been patched, so make sure you always keep all your apps’ and your device’s operating system up to date.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.