WhatsApp vulnerability allowed secretive installation of spyware

A vulnerability in the Facebook-owned WhatsApp allowed spyware to be installed, according to the Financial Times.

Gabriel Bouys/AFP/Getty Images

A vulnerability in messaging app WhatsApp allowed attackers to install Israeli spyware onto phones, the Financial Times reported Monday.

The malicious code, developed by Israeli company NSO Group, was installed on both iPhones and Android phones through the app’s phone call feature, the newspaper reported. The spyware could be transmitted even if the target victim didn’t answer their phone, and the calls often disappeared from users’ call logs.

The company said the attack has the hallmarks of a private company that reportedly works with governments to deliver spyware that takes over the functions of mobile phone operating systems.

In 2016, NSO Group was accused of providing spyware to nation-states to steal data from activists’ iPhones. The company has said it obeys applicable laws.

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a WhatsApp spokesperson said in a statement.

The Facebook-owned service, which has about 1.5 billion users, reportedly doesn’t know how many phones may have been infected with the spyware.

WhatsApp engineers were working to close the vulnerability Sunday night and issued a patch for customers on Monday, the Financial Times reported. 

WhatsApp said it informed the US Justice Department of the vulnerability last week.

NSO Group and the Justice Department didn’t immediately respond to requests for comment.


CNET may get a commission from retail offers.

Source link

Share with your friends!

Products You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *

Get The Latest Tech News
Straight to your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.