WhatsApp has urged users to update to the latest version after an Israeli company was found to have been using vulnerabilities in the app to infect phones with spyware to monitor communications.
The spyware is so sophisticated it can infect a victim’s phone by the attacker simply calling the victim’s number using the app’s call function. The victim does not even need to answer the call and the call log is automatically deleted.
Once installed on a phone, the software can extract data including text messages, contacts, GPS location, emails and browsing history. It can also hijack the phone’s microphone and camera to record and film the victim and their surroundings.
NSO Group was named by the Financial Times as the company behind the spyware. The firm sells spyware to governments. Some have been accused of using it against their own citizens, including journalists, dissidents and human rights activists.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement.
Mexican journalists have brought a legal case against NSO Group in Israel and a senior lecturer at the City Law School has been acting as a consultant for the legal team representing Mexican plaintiffs.
WhatsApp said it had been alerted to the vulnerability earlier this month and had patched it up, but Citizen Lab, a research group based at the University of Toronto, said an attacker tried to exploit it again on Sunday. The FT said the intended victim was a UK lawyer involved in a case against NSO, but did not name them.
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” the company told the FT.
“NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual (the UK lawyer).”