A vulnerability in WhatsApp has surfaced that allowed Israeli hackers to inject spyware in smartphones. This malicious code is developed by an Israeli company NSO group and is transmitted by calling users on WhatsApp on both iOS and Android.
This code could be transmitted even if the user did not answer the call, users may have been effected and they don’t even realize this because the said phone call is then removed from WhatsApp call logs.
This loophole remained open for several weeks. In a statement, WhatsApp said:
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company said. “We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.”WhatsApp’s official statement on vulnerability
WhatsApp is used by over 1.5 billion users around the world and is owned by Facebook. It is nearly impossible at this time to estimate how many users were targeted. NSO on the other hand is a private company that develops tools like pegasus for Israeli government to spy on people.
WhatsApp officials have notified United States department of justice and have also deployed a fix for this vulnerability to their servers.