Messaging apps have an eavesdropping problem


At the beginning of 2019, a vulnerability in FaceTime group calls would have allowed an attacker to activate the microphone, or even the camera, of the iPhone they were calling and eavesdrop before the recipient did anything. The impact was so severe that Apple invoked the nuclear option, cutting off access to the group call function entirely until the company could issue a fix. This vulnerability, and the fact that it required no taps or clicks from the victim at all, attracted the attention of Natalie Silvanovich.

“You can find the error that affects it, and the idea that you can answer the phone without any interaction, it’s surprising,” said Silvanovich, a researcher on Google’s Project Zero team. “I was a little sad, trying to find these vulnerabilities in other applications. I eventually found a lot.”

Silvanovich has spent years researching “no interaction” vulnerabilities: hacks that do not need their targets to click on malicious links, download attachments, enter a password in the wrong place, or participate in any way. These attacks are becoming more and more important as targeted mobile surveillance has exploded all over the world.

At the Black Hat security conference in Las Vegas on Thursday, Silvanovich presented her findings on remote eavesdropping vulnerabilities in ubiquitous communication applications such as Signal, Google Duo, and Facebook Messenger, as well as in the popular international platforms JioChat and Viettel Mocha. All the vulnerabilities have been patched, and Silvanovich said that developers were very responsive, fixing the vulnerabilities within days or weeks of her disclosure. But the sheer number found in mainstream services highlights the prevalence of these flaws and the need for developers to take them seriously.

“When I heard about the FaceTime group error, I thought it was a unique error that would never happen again, but it turned out not to be the case,” Silvanovich said. “This is something we didn’t know before, but now it’s important for people who develop communication applications to realize it. You promise your users that you won’t suddenly start streaming their audio or video at any time. Making sure your application meets this is your burden.”

The vulnerabilities Silvanovich discovered offered a range of eavesdropping options. The Facebook Messenger vulnerability could allow an attacker to listen to audio from the target device. The Viettel Mocha and JioChat bugs may have provided advanced access to audio and video. The Signal flaw exposed only audio. And the Google Duo vulnerability allowed video access, but only for a few seconds; during that window, the attacker could still record a few frames or take screenshots.

The applications Silvanovich examined all built most of their audio and video calling infrastructure on real-time communication tools from the open source project WebRTC. Some of the no-interaction call vulnerabilities originated with developers who appear to have misunderstood WebRTC features or implemented them improperly. But Silvanovich said that other flaws came from design decisions specific to each service, relating to when and how a call is set up.

When someone calls you on an internet-based communication application, the system can begin establishing a connection between your devices immediately. This process is called “establishment,” and doing it early means the call can begin the moment you click accept. The other option is for the app to hold back, wait to see whether you answer the call, and then spend a few seconds establishing the communication channel once it knows your preference.
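
The two call-setup strategies described above, as an added example (not code from the article or from any of the apps it names): a simplified callee-side session model in which the connection may be established while the phone is ringing, but microphone and camera tracks are enabled only by a local accept. The class, method and message-type names are hypothetical, and the inbound message sequence is constructed.

```javascript
// Added illustration: a callee-side call session modelled without real WebRTC objects.
// CalleeSession, onSignal, userAccept and the message types are hypothetical names.
class CalleeSession {
  constructor({ preEstablish }) {
    this.preEstablish = preEstablish; // true: set up the connection while ringing
    this.state = "idle";              // idle -> ringing -> active -> ended
    this.transportReady = false;
    this.tracks = { audio: { enabled: false }, video: { enabled: false } };
    this.dropped = [];                // inbound messages rejected by the state check
  }
  // Handle a message from the network. No branch here may enable a track.
  onSignal(msg) {
    const live = this.state === "ringing" || this.state === "active";
    if (msg.type === "offer" && this.state === "idle") {
      this.state = "ringing";
      if (this.preEstablish) this.transportReady = true; // connection only, media off
    } else if (msg.type === "hangup" && live) {
      this.end();
    } else if (!(msg.type === "candidate" && live)) {
      this.dropped.push(msg.type); // unexpected for a callee in this state
    }
    return this.isSending();
  }
  // The only path that turns capture on: an explicit local user action.
  userAccept({ video = false } = {}) {
    if (this.state !== "ringing") return false;
    this.transportReady = true; // late setup happens here and costs a short delay
    this.tracks.audio.enabled = true;
    this.tracks.video.enabled = video;
    this.state = "active";
    return true;
  }
  end() {
    this.tracks.audio.enabled = this.tracks.video.enabled = false;
    this.state = "ended";
  }
  isSending() {
    return this.transportReady && (this.tracks.audio.enabled || this.tracks.video.enabled);
  }
}

// Constructed inbound sequence: normal setup plus messages a ringing callee must ignore.
function replay(preEstablish) {
  const s = new CalleeSession({ preEstablish });
  const sentWhileRinging = ["offer", "candidate", "accepted", "connected", "offer"]
    .map((type) => s.onSignal({ type }));
  const transportBeforeAccept = s.transportReady;
  const accepted = s.userAccept();
  return { sentWhileRinging, transportBeforeAccept, accepted, dropped: s.dropped, sendingAfterAccept: s.isSending() };
}
```

With `replay(true)` the connection is ready before the user answers; with `replay(false)` it is not. In both cases no track is enabled until `userAccept()` runs.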

