WhatsApp Discovers Surveillance Attack, Urges Users to Upgrade

  • WhatsApp Discovers Surveillance Attack, Urges Users to Upgrade

WhatsApp Discovers Surveillance Attack, Urges Users to Upgrade

On Monday, WhatsApp said it fixed the vulnerability, which enabled attackers to add code to users' smartphones by calling them on WhatsApp, and unfortunately, some smartphones might have been infected even if calls were not answered, CNN Business noted.

The NSO Group is behind a spyware product called Pegasus, which allows operators to take control of a target's phone, allowing them to switch on a phone's camera and a microphone, as well as retrieve private data. So if you see an update is available for WhatsApp, it is highly recommended that you install it on all of your devices.

It's not immediately clear how numerous app's 1.5 billion users were affected but a WhatsApp spokesperson told the Financial Times that "a number in the dozens would not be inaccurate". While it does offer "Security by Default" in the form of end-to-end encryption, there will always be vulnerabilities existing in the wild that keep companies leapfrogging one another in the form of exploits and security patches.

Facebook's WhatsApp on Tuesday urged users to upgrade to the latest version of its popular messaging app following a report that users could be vulnerable to having malicious spyware installed on phones without their knowledge.

The details of this vulnerability surfaced in a report from The Financial Times. The company has sold the software to governments around the world.

The Financial Times said, the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company. "We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society".

"The company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions". It is believed that was also the case here and the attack was used against specific targets.

Facebook pushed out an update for the smartphone app on Monday and is encouraging users to update their phones immediately.

Encrypted messaging apps should never be considered secure, experts have warned, after a flaw in WhatsApp allowed attackers to spy on activists. For Android devices, that involves opening the Google Play store, and looking in "My Apps & Games" to see if WhatsApp needs updating or not. For those using iPhones, open the App Store, select updates, select WhatsApp and then hit Update.