WhatsApp, one of the most popular social messaging applications in the world, has found a vulnerability suspected to a ‘spyware’ attack inside its app. The company says that users should update their applications as well as the operating system as soon as possible. This spyware attack is believed to be a zero-day attack which means no antivirus can prevent it from happening.
Also, there is a 100% success rate of such ‘zero-day’ attacks as there is no solution for them. It means that the number of users affected by this attack could be huge. According to some reports, this spyware attack has been carried out by an Israeli cyber intelligence company named NSO group.
‘Zero-day’ vulnerability to spyware found inside WhatsApp, users told to update their apps immediately
According to a report in Financial Times, WhatsApp had a vulnerability to spyware, which is developed by Israeli firm NSO Group. This spyware would let the attackers have remote access to any device which has WhatsApp installed.
Reportedly, the spyware could inject malicious code in anyone’s phone using the WhatsApp Calling feature.
As per the report, the spyware is extremely dangerous and has the ability to affect anyone using WhatsApp’s call feature. Because the attackers just need to call someone using WhatsApp call and the code can be injected even if the other person does not receive the call. Once the code or spyware gets injected, the incoming call log will be deleted on its own.
However, the Israeli firm NSO Group has not exploited this spyware for hacking purposes. Instead, the company submitted its report in the US law enforcement department.
Also, they have published a “CVE Notice” for cybersecurity experts notifying them about the vulnerability.
NSO Group reportedly used this vulnerability on the UK-based attorney’s phone around May 12. It is also known that the NSO Group has two active lawsuits against them for illegal spying. The NSO Group reportedly offered their spyware to the rulers of the United Arab Emirates to spy on their competitors.
Coming back to vulnerability in WhatsApp, you should update your application right away. This is because the ‘zero-day’ spyware can attack anyone and everyone.
Since the discovery, WhatsApp has updated its app with a fix. So it is of utmost importance to update your WhatsApp app to the latest version as quickly as you can.
WhatsApp says that they are already aware of the vulnerability which has affected their application. The company does not name NSO Group but claims it as a company “that works with governments to deliver spyware”. The company adds that they will notify “civil society” about this incident too.