OTT messaging giant WhatsApp has confirmed an ‘advanced cyber actor’ exploited a major vulnerability to install spyware on users’ devices.
With over 1.5 billion active users, WhatsApp is the world’s most popular messaging app. This popularity makes WhatsApp a key target for both independent and state-sponsored hackers.
The attackers compromised devices by making fake calls to victims’ devices. Users did not even have to pick up the call for the malicious code to be ‘shipped’.
Engineers said that victims may have noticed one or two missed calls from an unknown number, although in some cases the missed call notification was wiped. Hackers would then have full control of the operating system.
WhatsApp discovered and fixed the vulnerability earlier this month so users are urged to ensure their app is updated to the latest version.
Citizen Lab, at the University of Toronto, said a hacker attempted to exploit the app as recently as Sunday evening but was blocked. WhatsApp worked with Citizen Lab to ensure the issue was patched.
While it’s not been disclosed who carried out the attack, the hackers used spyware developed by NSO Group – an Israeli cybersecurity and intelligence company.
NSO Group said: "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.”
"NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual (the UK lawyer)."
Spyware created by the group has been used for the hacking of lawyers, dissidents, human rights defenders, and more. The group’s spyware was even implicated in the assassination of journalist Jamal Khashoggi in the Saudi consulate in Istanbul, Turkey last year.
Danna Ingleton, Deputy Director of Amnesty International Tech, tweeted: “NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics."
Interested in hearing industry leaders discuss subjects like this and sharing their experiences? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam to learn more.