Users are being urged to update their WhatsApp smartphone apps immediately because of a security bug that allows hackers to take over your phone by simply calling it, whether or not you answer.
A vulnerability in the popular Facebook-owned messaging service has been discovered that allowed hackers to install spyware through an infected WhatsApp voice call.
The spyware is capable of trawling through calls, texts and other data, activating the phone’s camera and microphone and performing other malicious activities.
All brands of phones with WhatsApp or WhatsApp Business installed are affected, including Apple’s iPhone (iOS), Android phones, Windows Phones and Tizen devices, according to Facebook. WhatsApp is used by 1.5 billion people globally.
According to the Financial Times, Israeli cyber intelligence company NSO Group developed the spyware. Users did not even have to accept the call, and it was often hidden from logs, the paper said.
The number of people spied on is not yet known. A few targets, including a UK-based human rights lawyer and an Amnesty International researcher, have been identified.
If you haven’t received any WhatsApp voice calls or dropped calls from unknown parties then you have probably not been targeted. But if you happen to be a lawyer or work in sensitive industries and use WhatsApp, even for personal correspondence, you should be especially vigilant.