A report from The Financial Times reveals that the security flaw made it possible for malicious actors to inject Israeli spyware on mobile device using nothing more than a typical WhatsApp call.
By the looks of things, users didn’t even have to answer the calls, as the malicious code was executed in the background. The missed call was most often removed from the call history, which means that users who didn’t notice it in the first place had no idea they were hacked.
The malicious code is linked to Israeli company NSO Group, according to the same report, albeit the company claims it “would, or could not, use its technology in its own right to target any person or organization.” NSO Group builds cyber tools that are then sold to governments across the world for a wide variety of purposes, many of them related to terrorism.
For example, such code can be used to extract data from locked devices that are involved in criminal investigations.
Fix already available
WhatsApp, on the other hand, says it has already resolved the bug, and users are now recommended to install the latest version of the messaging app as soon as possible. WhatsApp has more than 1.5 billion users on Android and iOS, but parent company Facebook can’t share any details as to how many of them might have been targeted in such attacks.
Submitted by: Arnfried Walbrecht