Facebook’s Whatsapp has identified an application security flaw that allowed attackers to install remote-controlled spyware on their smartphones, the Financial Times reported on Tuesday. It discovered the breach in early May, released an update last Friday and now calls on users to update a version to block the breach.
The vulnerability revealed the ability to install spyware on the user’s device and to have full control over it. The espionage program, according to the report, was developed by the Israeli cyber attack company NSO. In order to install the spy software, only a voice call is required for a number of Whatsapp (both Android and iPhone). There was no need even for the victim to answer the call. After it was done, the spy software was installed on the device. In some cases, the victim did not even know that they had called him since the incoming call had been deleted from the call log.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at office@jewishbusinessnews.com.
Thank you.
“A certain number of users have been targeted by this vulnerability by an advanced cyber player,” said Whatsapp, who is currently using 1.5 billion people and has all the hallmarks of a private company that provides spyware to governments that take over the functions of the mobile operating system. Among the targets of this method were a British lawyer who was involved in a lawsuit against NSO for supplying a telephone hacker to Saudi Omar Abdul Aziz, as well as a Qatari citizen and a group of Mexican journalists, according to the New York Times.
“NSO’s technology is licensed to government agencies with the sole purpose of fighting crime and terrorism, and the company does not operate the system,” the NSO said in a statement, “We are investigating allegations of abuse and if necessary, take action including disabling the system “In no case is the NSO involved in the operation or identification of targets, but only by the law enforcement and intelligence agencies.”
In a similar case in 2016, Apple released an urgent update to the iPhone following a breach by NSO and urged users to install it urgently.
