WhatsApp is encouraging users to update to the latest version of the app after discovering a vulnerability. The spyware, injected to a user’s phone through the app’s phone call function, was developed by the Israeli cyber intelligence company NSO Group.
Attackers could transmit the malicious code by calling the user and infecting the call whether or not the user answered. Logs of such incoming calls were also often erased so a user might not even know their device was targeted. The vulnerability was discovered by WhatsApp this month, and the company quickly addressed the problem. An app update was published, and all users are being encouraged to upgrade their apps out of caution.
WhatsApp is doing more than providing a fix and updating their app. They have alerted US law enforcement to the exploit as well as published an advisory notice to other cybersecurity experts alerting them to common exposures. The company is sharing the information they can with various human rights organizations and working with them to notify civil society. To learn more about the recent spyware attack, visit here.