We use cookies on our websites. Information about cookies and how you can object to the use of cookies at any time or end their use can be found in our privacy policy.

You need to update your WhatsApp ASAP

You need to update your WhatsApp ASAP

A security flaw in WhatsApp has led to the massively popular messaging app becoming the vehicle for a spyware used for a surveillance operation. The malicious software, called Pegasus, can be loaded onto an Android or iOS device via a WhatsApp voice call and then gather information from the device.

Both WhatsApp and NSO Group, the Israeli company responsible for developing the spyware, have confirmed the vulnerability. Pegasus can infect a device via WhatsApp call even if the user doesn't answer, delete its calls from the logs, and hijack the camera and microphone on a device in addition to harvesting communication and location data.  

Pegasus is sold commercially to Western and Middle Eastern government agencies, ostensibly for counter-terrorism and crime-fighting surveillance efforts. In this case, there are indications that the perpetrators of the latest cyberattacks via WhatsApp may be a Middle Eastern nation trying to silence criticism of its human rights violations. On May 12, Pegasus was used in a failed attempt to compromise the phone of a UK based human rights lawyer who has helped a group of Mexican journalists and government critics and a Saudi dissident living in Canada to sue NSO for liability in the actions of its customers. Middle Eastern human rights activists have been targeted by Pegasus in the past. 

Whasapp 06
WhatsApp's popularity makes it's vulnerability more worrying. / © AndroidPIT

WhatsApp alerted the US Justice Department and human rights groups about the threat, asserting that the operation had "all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems". NSO, however, denies any involvement with the attacks after the point of sale. "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology." 

The flaw is fixed, so long as you're up-to-date

Although WhatsApp has patched this security flaw at the time of writing, as a precautionary measure the company told users to check that they’re running the latest version of the app on their devices. You can check the latest WhatsApp build by hitting the Play Store button below or getting it from WhatsApp directly.

WhatsApp also advised users to ensure their mobile operating system, whether iOS or Android is up to date to ensure proper protection against potential targeted exploits designed to access information stored on your device. Although NSO claims that it always investigates credible allegations of misuse, and is looking into the WhatsApp call attack, so long as sophisticated spyware can be sold exported to third party actors without much oversight, it won't be easy to prevent similar surveillance campaigns from affecting many in WhatsApps 1.5 billion strong userbase.

Are you concerned about WhatsApp's security?

Recommended articles

No comments

Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing