WhatsApp announced a cyber-security breach and requests users to reinstall the application as a precaution.
By Taib Biygautane
Rabat – On Monday, May 13, the popular messaging application, WhatsApp, confirmed a grave security breach that “enabled targeted spyware to be installed on phones through voice calls,” reported Forbes.
The security breach concerns Android and iPhone electronic devices.
In a statement, published by The Financial Times, WhatsApp said that it “encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” added WhatsApp.
Although WhatsApp did not explicitly refer to a specific company, The Financial Times report identifies NSO Group, an Israeli software firm, as the spyware developer.
The spyware exploits security vulnerabilities in WhatsApp applications via audio phone calls to iOS and Android devices.
The spyware “can be installed without a trace and without the target answering the call,” reported the Verge.
Facebook had also issued a Security Advisory, yesterday, listing WhatsApp versions with security vulnerability issues, namely “WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.”
NSO Group describes itself as a developer of “technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe.”
However, NSO’s Pegasus spyware was used to spy on several prominent dissidents, human rights activists, and journalists.
In 2016, Emirati human rights activist, Ahmed Mansoor, reported being targeted with Pegasus spyware.
In 2018, The New York Times published a report on NSO spyware allegedly being used by the Saudi government to spy on journalist Jamal Khashoggi.
Facebook-owned application, WhatsApp, distinguishes itself for being a highly secure provider of end-to-end encrypted messages. Whether this security breach is going to affect over 1.5 billion users’ trust in the application remains unknown.