WhatsApp urges users to upgrade app after report of spyware attack

EnlargeSanteri Viinamäki

"Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is exclusively operated by intelligence and law enforcement agencies", an NSO Group spokesperson said. The company said it detected the pattern of abnormal phone calls earlier this month and updated its servers on Friday.

The NSO rejected any involvement in this act and said "Under no circumstances would NSO be involved in operating or identifying of targets of its technology".

The Facebook-owned messaging service said it believed certain users were targeted through the vulnerability by an advanced cyber actor.

WhatsApp has disclosed a vulnerability in its iOS and Android client which allowed hackers to install spyware on devices by exploiting a buffer overflow vulnerability in the WhatsApp VoIP stack.

A UK-based human rights lawyer told the AP news agency that he was targeted in the latest attack. The group is famous for its software dubbed "Pegasus" which can hack smartphones and activate their microphones and cameras, collect location information and send out emails and texts. "NSO would not, or could not, use its technology in its own right to target any person or organization, including this individual".

According to WhatsApp, it suspects a relatively small number of users were targeted.

"The company has reportedly said that a small number of accounts have been affected and has told its users to update their apps using standard updates from the app store as a precaution". The vulnerability helped these cybercriminals to install the virus remotely and without any notice because the only thing they had to do is to make WhatsApp audio call and have it answered. Citizens and civil rights groups are petitioning the Israeli Ministry of Defense to revoke NSO's export license.

Facebook's engineers have been busy trying to patch the flaw, designated as CVE-2019-3568, and an updated version of WhatsApp has already been pushed out to users.

This is another reminder of how important it is to keep all the apps on your phone updated. Or, you can just visit the app store on your phone and update it manually and immediately.

"NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics", Danna Ingleton, deputy director of Amnesty International's tech division, said on Sunday.

Related:

Comments


Other news