WhatsApp urges users to update after spyware hacking report

WhatsApp pressed users to update its messaging service, following a report that a vulnerability in the software allowed attackers to hack into people’s phones using commercial Israeli spyware.

The chat app, owned by Facebook, said it had discovered a vulnerability in early May that could enable attackers to insert and execute code on mobile devices.

WhatsApp said it made changes to its infrastructure late last week to block the attacks from taking place, adding that only a select number of users appeared to have been targeted through the vulnerability by an advanced cyber actor.

"WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices," a spokesperson for the company said on Tuesday.

The statement follows a report by the Financial Times that attackers were able to install surveillance software, developed by Israeli company NSO Group, on iPhones and Android devices by calling targets using the app’s phone call function.

WhatsApp said the attack has the hallmarks of a private company that works with governments to deliver spyware, which takes over control of mobile phone operating systems.

In a statement, NSO Group said its technology "is licenced to authorised government agencies for the sole purpose of fighting crime and terror." It added that it doesn’t operate the system itself and "under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies."

WhatsApp said it has notified European data privacy regulators of the breach and has also provided US law enforcement information to conduct an investigation. It also said it had briefed human rights organisations to work with them to notify civil society.

Ireland’s Data Protection Commission said WhatsApp notified the regulator on Monday of a "serious security vulnerability" and that it is actively engaging with the company to check if any EU user data has been compromised.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
ZAR/USD
16.40
(+0.20)
ZAR/GBP
21.35
(-0.17)
ZAR/EUR
19.46
(+0.05)
ZAR/AUD
11.61
(-0.10)
ZAR/JPY
0.16
(-0.07)
Gold
1918.31
(+0.42)
Silver
24.98
(+1.03)
Platinum
877.00
(+0.69)
Brent Crude
43.05
(+1.28)
Palladium
2409.50
(+0.84)
All Share
55144.16
(-0.23)
Top 40
50653.15
(-0.39)
Financial 15
9913.11
(-0.43)
Industrial 25
75170.89
(-0.52)
Resource 10
53810.85
(+0.04)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Results
Yes, and I've gotten it.
30% - 21 votes
No, I did not.
46% - 33 votes
My landlord refused
24% - 17 votes
Vote