News ID: 252794
Published: 1026 GMT May 14, 2019

WhatsApp urges users to act after confirming cyber surveillance attack

WhatsApp urges users to act after confirming cyber surveillance attack

Hackers were able to install spyware on WhatsApp by exploiting a major vulnerability in the app, the company confirmed.

The messaging service, which is owned by Facebook, said it believes ‘a select number of users’ were targeted by an ‘advanced cyber actor’, Sky News reported.

It is unclear how many devices were affected, but a WhatsApp spokesperson said a number in the dozens would not be inaccurate.

The company discovered the breach in early May and has informed a number of human rights organizations.

WhatsApp said it has since fixed the vulnerability and is urging people to upgrade to the latest version of the app.

It has not been confirmed who carried out the attack, but it was said to have hallmarks of a private company that works with governments to deliver spyware.

The Financial Times has reported the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.

The NSO Group rejected the paper’s allegation.

The technology would allow it take over the functions of mobile phone operating systems.

WhatsApp said it is ‘deeply concerned’ about the abuse of such capabilities, and has briefed a number of human rights organizations.

The vulnerability in the app allowed it to be infected with spyware with a missed in-app call function.

The company has provided information to US law enforcement to help them conduct an investigation.

A WhatsApp spokesperson said, "WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.

"We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users."

Danna Ingleton, deputy director of Amnesty International Tech, tweeted, "Just to reiterate, this means 'zero click' targeting is actually happening. Now, more than ever, we need some accountability from this company and better Due Diligence processes in the industry."’





Security Key:
Captcha refresh
Page Generated in 0/5672 sec