Among the dozens of controversial tweets posted by Elon Musk, one caught the attention of cybersecurity professionals and enthusiasts last Thursday. Musk tweeted a picture with all versions of the robot arm emoji, all available on major messaging platforms; in the text of the post, Musk wrote: “The last one includes a free phone hack.”
The billion-dollar-man comment referred, in a mocking tone, to the version of the robot emoji available on WhatsApp, Facebook-owned messaging platform and roasted due to the constant finding of security flaws.
As multiple cybersecurity firms reported, a
couple of weeks ago a forensic analysis concluded that the iPhone of Jeff
Bezos, CEO of Amazon, was hacked by using WhatsApp, thanks to the sending of a
video loaded with malware from Mohammed bin Salman’s account, crown prince to
the Saudi throne. The investigation determined that this attack allowed the
extraction of large amounts of sensitive data from Bezos’ device.
Of course, this was not the only security
incident reported on WhatsApp during 2019. At least 12 critical vulnerabilities
were found on the messaging platform over the past year, an average much higher
than the 2 or 3 security flaws discovered in the past 4 four years.
Security errors are not the only threats faced
by WhatsApp, as the platform has also been targeted by various cyberattacks,
such as the one that occurred in May 2019, when a group of threat actors
managed to install spyware
on the smartphones of hundreds of users. After a cybersecurity analysis, the
company concluded that an “advanced hacker group” was responsible for
this attack, which compromised sensitive information such as usernames,
messages, files, and location data.
According to the International Institute of Cyber
Security (IICS), WhatsApp has been the most widely used messaging platform for
years, making it a primary target for attackers looking to compromise as many
users as possible, so it is vital for the company to detect potential security
flaws in time.