Warning: Update Your WhatsApp Now to Avoid Israeli Spyware
The bug allowed hackers to make calls via WhatsApp and extract data through the spyware.
The bug allowed hackers to make calls via WhatsApp and extract data through the spyware. (Photo: iStock)

Warning: Update Your WhatsApp Now to Avoid Israeli Spyware

An Israeli firm, NSO Group, that has been accused of supplying spyware for spying on human rights activists and journalists, has now been accused of using a WhatsApp bug to access communications into iPhones and Android phones, The New York Times reported.

According to the NYT report, the spyware has characteristics similar to the technology from NSO Group.

WhatsApp seems to have fixed the vulnerability with a patch on Monday, 13 May, further urging customers to update their app and Operating System.

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” it was quoted by NYT as saying.

Also Read : Facebook Chooses London as Base for WhatsApp Payments

WHAT DOES THE BUG DO?

Using the WhatsApp bug, digital attackers could steal data from a smartphone by simply placing a WhatsApp call, even if the victim did not pick up the call. WhatsApp's engineers, according to the NYT report, concluded that it was similar to other tools from the NSO Group because of its digital footprint.

HOW WAS IT FOUND?

According to the NYT report, the spyware was found when it was used to break into the phone of a London lawyer, who has accused the NSO group of providing tools to hack phones of journalists and activists.

The lawyer said that he got suspicious after receiving WhatsApp video calls from Norwegian numbers at odd hours. He then contacted Citizen Lab at the Munk School of Global Affairs at the University of Toronto, which has helped uncover the use of NSO Group products.

WHAT WHATSAPP DID

While Citizen Lab was working on the Spyware, engineers at WhatsApp had found an abnormal voice calling activity on their systems, NYT quoted an employee as saying.

WhatsApp then alerted human-rights organisations about the threat and found out that the vulnerability had been used to target the lawyer.

WhatsApp had alerted the Justice Depatment as well, after this was reported by The Financial Times on Monday, 12 May itself.

WHAT THE NSO GROUP SAID

NSO, having advertised its products as being sold only to government agencies solely for the purpose of fighting terror and aiding law enforcement investigations, put out a statement on Monday, saying that it would investigate any “credible allegations of misuse.” It also said that it won't get involved in identifying a target for its technology.

Now, even though the company claims to have an in-house ethics committee that keeps a check on buyer countries based on their human-rights records, it has time and again sold to countries with questionable human-rights records like the United Arab Emirates, Saudi Arabia and Mexico, the NYT report said.

It would be advisable to download the latest WhatsApp version as well as update your phone’s operating system with the latest security patches available to avoid this vulnerability.

Also Read : WhatsApp to deny private chat screenshots: Report

(With inputs from The New York Times.)

(The Quint is now available on Telegram. For handpicked stories every day, subscribe to us on Telegram)

Follow our Tech News section for more stories.

    Also Watch