WhatsApp call hack installs spyware on users’ phones

iPhones and Android devices are vulnerable to security flaw – WhatsApp recommends immediate app update

A vulnerability has been discovered in WhatsApp that allows hackers to covertly install spyware on users' phones and track their communications and even location.

The exploit, which was first reported by The Financial Times, affects both iOS and Android devices and was discovered by WhatsApp earlier this month.

The malware is delivered through a voice call on the app that doesn't even require the user to answer in order for it to be installed, According to a "spyware dealer" who spoke to the FT and WhatsApp. The spyware dealer also claimed that the attacker was then able to delete call logs, so the user may have no idea they were targeted.

Advertisement - Article continues below

It's alleged that the malicious code was developed by NSO Group, a secretive firm based in Israel that's known primarily for developing spyware under the codename Pegasus, which was discovered by the University of Toronto's Citizen Lab and cyber security firm Lookout in 2016.

Pegasus, which is sold to third parties such as government agencies, can turn on a phone's microphone and camera, and collect information from emails and messages as well as picking up location data.

As in 2016, this latest attack seems to have been used primarily to target those working in the field of human rights, with the FT reporting that a UK-based human rights lawyer was targeted on Sunday 12 May.

Advertisement
Advertisement - Article continues below

IT Pro contacted NSO Group for comment, but hadn't received a response at the time of publication. However, the organisation told the FT: "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.

Advertisement - Article continues below

"NSO would not, or could not, use its technology in its own right to target any person or organisation."

Independent security researcher Graham Cluley told IT Pro it's not surprising that a vulnerability like this had been found and exploited in WhatsApp.

"Any complicated piece of software is going to have bugs. Such a widely-used piece of software like WhatsApp is going to have many more determined parties looking closely at it for vulnerabilities and exploits than something that few people use," he said

He also said it's unsurprising that a specific victim profile had been targeted by whoever has deployed the malware, rather than used to capture data on all or most users.

"Attacks like this aren't typically used against a large number of individuals, but a small, targeted group of victims that are of high value to intelligence agencies and governments," he said.

It's currently not known how long the vulnerability has been in place, however, the company issued a patch for its mobile apps yesterday and is urging all users to upgrade to the latest version as soon as possible. It has also taken steps to deny attackers the ability to use this exploit at an infrastructure level.

Advertisement - Article continues below

In a statement issued to IT Pro, a WhatsApp spokesman said: "WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices. We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Most Popular

Visit/security/privacy/355155/zoom-kills-facebook-integration-after-data-transfer-backlash
privacy

Zoom kills Facebook integration after data transfer backlash

30 Mar 2020
Visit/security/data-breaches/355173/marriott-hit-by-data-breach-exposing-personal-data-of-52-million
data breaches

Marriott data breach exposes personal data of 5.2 million guests

31 Mar 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020