Technology

Update WhatsApp now to avoid spyware installation from a single missed call


A vulnerability discovered in Facebook’s WhatsApp messaging app is being exploited to inject commercial spyware onto Android and iOS phones by simply calling the target, reports The Financial Times .


The spyware, developed by Israel’s secretive NSO group, can be installed without trace and without the target answering the call, according to security researchers and confirmed by WhatsApp.


Once installed, the spyware can turn on a phone’s camera and mic, scan emails and messages, and collect the user’s location data.


The vulnerability discovered in early May, was targeted as recently as Sunday when a UK-based human rights lawyer was attacked by NSO’s flagship Pegasus program, according to researchers at Citizens Lab.


WhatsApp is investigating the situation but is so far unable to estimate the number of phones successfully targeted by the exploit, said a source speaking to the FT.


“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” said WhatsApp in a statement provided to The Financial Times .






Powered by Blogger.