There have been reports of hackers putting spy software on smartphones using WhatsApp via the voice call feature of the app. The Facebook-owned company has requested all the users to update the app and avoid spyware to get into your device. The company said that an “advanced cyber actor” triggered the spyware and infected multiple smartphones due to a major vulnerability in the WhatsApp messenger.
According to some reports, the spyware is developed by an Israeli spyware company NSO Group that operates secretively. The spyware is developed to give hackers the full access to a smartphone, that allows them to read messages, see contacts, and activate user’s device camera anytime.
WhatsApp also confirmed that some users have already been a victim of the bug but the latest version of the app is fixed the vulnerability that you can now download on Google Play or iOS App Store.
WhatsApp Vulnerability Now Killed
The vulnerability was first reported by the Financial Times. According to FT, cyber hackers have been attacking users up until Sunday when the loophole was found after an attack to a human rights lawyer from the UK.
However, the NSO denied the attack and said that it “would not or could not” use its tech to target any individual or organization.
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” the company said.
WhatsApp has more than 1.5 billion users globally and vulnerability like that can be scary. The company, however, has been quick to contact human rights group as well as a researcher from Citizen Lab who reported the hack, to push out a patch to the loophole. The company has also provided required information to the US law enforcement officials to start the investigation.
“Our team was putting some additional security enhancements to our voice calls” and that’s when engineers discovered a flaw according to which a user “might get one or two calls from a number that is not familiar to them. In the process of calling, this code gets shipped”, said a WhatsApp spokesperson. “We are deeply concerned about the abuse of such capabilities.”
While talking to FT, WhatsApp said, “This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.” They further added, “We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.”
To keep your device safe from this spyware attack, get your device the latest update of WhatsApp now.