Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Telegram ThePornDude
Home Artists Posts Import Register

Signal Call Attack - ThreatWire CrossPost (Patreon)

Published:
2019-10-08 16:19:16
Imported:
2023-11
Tags:

Downloads

Content

by Shannon Morse, ThreatWire 

youtube.com/shannonmorse --  subscribe to my new channel!

ThreatWire is only possible because of our Patreon patrons! www.patreon.com/threatwire  

On October 4, Signal, the end to end encrypted messaging platform, fixed a bug that would allow an attacker to auto answer a call they placed on a target device without permission of the owner. This means an attacker could snoop on the audio around a device without the target knowing. It works on Signal's app, which has audio calls built in. It does not work for video calls because the app requires the user to physically enable camera access when making a video call for the camera to work. This does not affect iOS users, just the Android Signal app.

Natalie Silvanovich at Google’s Project Zero first discovered the flaw and said the iOS app would now allow for the same vulnerability because an error in the UI during an attack would cause an unexpected sequence of states to occur. If on Android, an attacker could use a modified version of the app to dial a call, then press their Mute button which would initiate the call on the receiver’s side. It happens after the attacker places a call, and during the ringing state. If the attacker hits their Mute button fast enough, the receiver won’t even see an alert and the call will be picked up without their knowing. The Android app has a method called HandleCallConnected that makes the call finish connecting. This method is normally initiated when the receiver clicks “accept” on a call, and when the caller gets connected to the accepted call. That “connect” for the caller can be initiated early by the attacker with a modified version of the app.

Signal replied to this attack saying the receiver, or the target, would see a visible indicator that a call was in progress on their phone, assuming they were looking at their phone at the time. They’d also see a record of a call being placed in the conversation list within the Signal app. 

Since many public figures, journalists, and security researchers use the Signal app, this is cause for concern, so luckily Signal fixed it quickly. Silvanovich’s report was on September 27, and Signal responded with Version 4.47.7 which was released last week, which does have a patch.

https://www.zdnet.com/article/signal-fixes-facetime-like-eavesdropping-bug/

https://bugs.chromium.org/p/project-zero/issues/detail?id=1943

https://www.vice.com/en_us/article/3kx7n8/signal-bug-could-have-let-hackers-listen-to-android-users-via-microphone

https://thehackernews.com/2019/10/signal-messenger-bug.html

Comments

No comments found for this post.