The whole world is now talking about Amazon CEO Jeff Bezos' phone hack which was targeted in May 2018. Reports revealed that it was a malware attack which was triggered through a malicious video file sent to the 56-year-old founder of the e-commerce company on WhatApp by the Saudi crown prince Mohammad bin Salman.
Even though this incident affected only Bezos' life, as months later details about his alleged extra-marital affair and private conversations were published by US tabloid the National Enquirer, showing that no device is 100 percent safe and secured from hacking.
Hacking attempts via WhatsApp
The Guardian reported that a source said that a large amount of data was extracted from the Amazon billionaire's personal phone within hours of the attack in 2018 according to the results of digital forensic analysis.
It should be mentioned that the hacking attempts by using videos or making calls are nothing new. In 2019, WhatsApp had filed a lawsuit against an Israeli surveillance company, NSO and accused them of cyber attacks for hacking into the phones of activists, lawyers, journalists, religious scholars and academics.
Whatsapp also claimed that the around 1,400 people in 20 different countries were targeted by the Pegasus spyware for a 14-day period from April-end to mid of May. Last year, the cybersecurity agency of India warned WhatsApp users about another attack, where a device was targeted by the malicious MP4 video file.
How Spyware attacks happen?
Spyware is actually a type of malware that infects a PC or mobile device and gathers information about the victim, including the sites a user visit, the things a victim downloads, usernames and passwords, payment information and the emails which the targeted users send and receive.
As per Malwarebytes, there are a few ways through which a Spyware can infect the targets and these are-
- Security vulnerabilities
- Phishing and spoofing
- Misleading marketing
- Software bundles
- Mobile device spyware
Spyware targeting mobile phones
Malicious apps available in third-party stores and have occasionally been found on Play Store too, despite Google's protection schemes can infect a device with spywares after installation. As per the experts, many of these malicious apps use advanced obfuscation techniques such as encrypting the malicious file to avoid being detected. These apps can also plant a "back door" on the device and send critical data to a remote server.
Some hackers can also target phone via sending a malicious SMS with a fake OTA (over the air) update offering the target new network configuration settings. After downloading the settings attackers can route all internet traffic originating from the phone through a proxy server controlled by the threat actors and then monitor all online activity.
Malwares like BlueBorne can spread through airwaves using Bluetooth connectivity. Connecting to a public WiFi network is also quite risky and these networks can be used to carry out man-in-the-middle attacks. Using USB to charge a smartphone would be dangerous at a public place, as reports revealed that it can also vulnerable to attacks.