The hugely popular messaging app WhatsApp has discovered a vulnerability that allowed spyware to be injected into a user’s phone through the messaging service’s phone functions.
The Financial Times (FT), who first discovered the vulnerability, said the spyware was developed by the Israeli cyber-intelligence company NSO Group. The company said they were currently investigating the WhatsApp attacks, but refused, at present, to comment further.
It seems the attackers could transmit the malicious code to a phone by calling the user, infecting the phone whether the recipient answered the call or not. Once the phone was infected, the spyware could extract all the data on it, including text messages, contacts, GPS location, email and browser history.
It also transpired the spyware could use the phone’s microphone and camera to record the user’s surroundings and ambient sounds.
The attack is understood to have been specific in who it targeted, primarily activists involved in human rights campaigns. The FT reported an attack on a UK-based lawyer who had previously been involved in a lawsuit against the NSO Group’s spyware known as Pegasus. The case had been brought to court by a group of Mexican journalists and a Saudi Arabian dissident. NSO were quick to defend the company’s position.
‘Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies. NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual.’ - Press statement: NSO Group
With 1.5bn users globally and its much-vaunted end-to-end encryption, attacks like this clearly undermine WhatsApp’s selling point of secure communication, particularly for activists and human rights campaigners.
But with this particular spyware, Scott Storey, a senior lecturer in cybersecurity at Sheffield University, said that the average user shouldn’t be too worried. ‘This,’ he said, ‘isn’t someone trying to steal private messages or personal details.’
However, he, along with WhatsApp, strongly recommends that all users upgrade to the latest version and keep their mobile operating system up to date, particularly, they said, ‘to protect against potential targeted exploits designed to compromise information stored on mobile devices.’