Caution WhatsApp users! One the most popular texting apps across the globe, WhatsApp, revealed that hackers have been taking advantage of a vulnerability in WhatsApp audio call system that allows attackers to access sensitive and personal information via WhatsApp call. Notably, this is advanced Israeli spyware that is developed by the NSO Group; it may attack both iPhone and Android devices that have the WhatsApp application installed.
How it Attacked Whatsapp Users
- The spyware install on a hosted phone via a WhatsApp call.
- The spyware deletes all WhatsApp call logs to become untraceable.
What is the WhatsApp spyware attack?
According to a WhatsApp representative, the researchers have found this vulnerability during the security improvements project earlier this month. What is shocking about this spyware is that whether or not the WhatsApp users answer their WhatsApp call, the malicious code has the ability to transmit the bug to other users. Furthermore, this malicious is so advanced that once infected, the call automatically disappears from the WhatsApp call logs. Hence, it is quite possible that WhatsApp users, even us, are infected and do not even know about it.
Who is responsible for the WhatsApp spyware attack?
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company said. “We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society,” said WhatsApp officials.
WhatsApp developers are working to discover other details about this spyware, which is now open for several weeks. WhatsApp is also investigating the number of users this Israeli spyware might have targeted. There are over 1.5 billion users of WhatsApp and it is still unclear how many phones this malicious have affected now.
Though the Israeli Spyware primarily attacks the iOS users; however, it may affect Android and Windows users as well. Let us take a look at the affected versions of WhatsApp here:
- WhatsApp for Android prior to v2.19.134
- WhatsApp Business for Android prior to v2.19.44
- WhatsApp for iOS prior to v2.19.51
- WhatsApp Business for iOS prior to v2.19.51
- WhatsApp for Windows Phone prior to v2.18.348
- WhatsApp for Tizen prior to v2.18.15.
Seemingly, WhatsApp has also disclosed the malicious attacking issues before the United States Department of Justice earlier this week. There were a lot many people affected by this spyware; however, the issue came into the limelight when a UK-based human rights lawyer raised a complaint that his phone was attacked on Sunday, a senior researcher at Citizen Lab, Toronto, John Scott-Railton told to Ars Technica. “Whoever at the company was in charge of monitoring their exploits was not doing a very good job,” he further said. As soon as the bug was identified, WhatsApp developers started working round the clock to find out the loopholes and started deploying the fixes on its server. The company has also developed a patch and made it available for end users on Monday.
What is WhatsApp doing to mitigate this situation?
WhatsApp is investigating the matter. in the meantime, it’s extended an update to secure its servers. The social messaging app has additionally rolled out a security patch to safeguard smartphones from vulnerability.
In addition to this, the corporate has alerted the United States justice department regarding the problem.
How can someone secure their devices from this spyware attack?
To safeguard yourself from the attack all you need to do is go to the Google Play Store or the Apple App Store and update the app on your smartphone.
In case you’re worried, the bug does not leave your WhatsApp call open to interception. And once you’ve got updated the app, all your data is safe.