Vulnerabilities in Signal, Google Duo and Facebook messenger allowed eavesdropping

User’s privacy and security are at huge risk due to these vulnerabilities present in leading apps.

Google’s researcher reported that these vulnerabilities in the above-listed apps allowed hackers to eavesdrop without getting detected. The vulnerability allowed hackers to listen to the surrounding audio even before the call was picked up.

The vulnerable apps include Google Duo, Signal, JioChat, Facebook Messenger, and Mocha messaging apps. The vulnerability brings a huge breach of privacy and security to the table which will haunt users for a very long period.

The bug in Signal allowed attackers to send the connect message from the caller device to the callee without any user interaction. The Google Duo bug was a race condition allowing the callees to leak unanswered calls video packets to the caller to connect the audio calls before it was answered.

Facebook Messenger’s bug could allow an attacker to initiate a call and send out a custom message to any target after logging in to the app. The bugs in Mocha and JioChat allowed sending JioChat audio and Mocha audio/video.

However, all of these vulnerabilities are patched as of now, NPAV recommends users to regularly update all the apps on their devices. Updates often contain security patches that will ensure the proper security of your devices.

Install NPAV on your devices to keep them protected from all kinds of cyberattacks. Use NPAV and join us on a mission to secure the cyber world.

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *