A sophisticated mobile malware campaign is gaining access to iPhones by tricking users into downloading an open-source mobile device management (MDM) software package. To enrol an iOS device into MDM, a user has to manually install the certificate, which is obtained through the Apple Developer Enterprise Program.
Hackers use social engineering techniques to get MDM installed on the victim's device. Once it is installed, the attackers use the MDM service to remotely install modified versions of legitimate apps such as WhatsApp and Telegram onto the devices. The hackers inject malicious features into these legitimate apps in order to secretly spy on users and steal their real-time location, contacts, photos, SMS and private messages from chat applications.
It is true that software writes software and hardware runs whatever software it is given. MDM is an open-source tool developed for mobile device management, and the hackers used the same open-source platform to decrypt and rewrite the applications it deploys. With this control, the unidentified hackers can steal various forms of sensitive information from infected devices, including the phone number, serial number, location, contact details, the user's photos, SMS and WhatsApp chat messages. Attackers are using this protocol to install malicious applications and spy on devices remotely.
The fact remains debatable, as we have very sophisticated developers in India too. We can't blame Russia, as the hackers are said to be from India but pose as Russian. As technology evolves, you can do and show anything remotely. The question that arises is who is to blame: technology, or the humans behind the innovation?
Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. In social engineering attacks the victim is tricked into clicking, accepting, or giving the attacker physical access to a device. This campaign is of note because the malware goes to great lengths to replace specific mobile apps for data interception. Talos has worked closely with Apple on countering this threat. Apple had already actioned 3 certificates associated with this actor when Talos reached out, and quickly moved to action the two others once Talos tied them to the threat.
The attacker used the BOptions sideloading technique to add features to legitimate apps, including the messaging apps WhatsApp and Telegram, which were then deployed by the MDM onto the 13 targeted devices in India. The purpose of the BOptions sideloading technique is to inject a dynamic library into the application. The malicious code inserted into these apps is capable of collecting and exfiltrating information from the device, such as the phone number, serial number, location, contacts, the user's photos, SMS, and Telegram and WhatsApp chat messages. Such information can be used to manipulate a victim, or even for blackmail or bribery.
Users must be aware that accepting an MDM certificate is equivalent to allowing someone administrator access to their device, passwords, etc. This must be done with great care in order to avoid security issues and should not be something the average home user does.
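To make that warning concrete, here is an added example (not from the article, Cisco Talos or Apple) that parses an iOS configuration profile (.mobileconfig plist) and lists what an MDM payload in it would allow the enrolling server to do. The profile, its display name and its server URLs are constructed placeholders, and the AccessRights bit names are a subset of those in Apple's MDM protocol reference.

```python
import plistlib

# Subset of Apple MDM AccessRights bit flags (per Apple's MDM protocol reference).
ACCESS_RIGHTS = {
    1: "inspect installed configuration profiles",
    2: "install and remove configuration profiles",
    4: "device lock and passcode removal",
    8: "device erase",
    16: "query device information",
    32: "query network information",
    256: "inspect installed applications",
    4096: "install and remove applications",
}

# Constructed sample enrolment profile (not from the campaign); URLs are placeholders.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadDisplayName</key><string>Free Messenger Upgrade</string>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.mdm</string>
      <key>ServerURL</key><string>https://mdm.example.invalid/mdm</string>
      <key>CheckInURL</key><string>https://mdm.example.invalid/checkin</string>
      <key>AccessRights</key><integer>8191</integer>
    </dict>
  </array>
</dict></plist>"""

def mdm_payloads(profile_bytes):
    """Return the com.apple.mdm payload dicts found in a profile (empty if none)."""
    profile = plistlib.loads(profile_bytes)
    return [p for p in profile.get("PayloadContent", [])
            if p.get("PayloadType") == "com.apple.mdm"]

def describe_rights(mask):
    """Map an AccessRights bitmask to the human-readable rights it grants."""
    return [name for bit, name in ACCESS_RIGHTS.items() if mask & bit]

def assess(profile_bytes):
    """Summarise each MDM payload: which server gets control and what it may do."""
    return [{"server": p.get("ServerURL"),
             "rights": describe_rights(p.get("AccessRights", 0))}
            for p in mdm_payloads(profile_bytes)]

if __name__ == "__main__":
    for entry in assess(SAMPLE_PROFILE):
        print(entry["server"], "->", ", ".join(entry["rights"]))
```

A profile with no com.apple.mdm payload yields an empty list, so the same check distinguishes an ordinary Wi-Fi or VPN profile from one that hands a remote server device-wide control.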