What you need to know
- The vulnerability was first discovered in early May.
- A fix has been rolled out on the server-side along with a new app update that was released last Friday.
- It is believed the spyware used is from NSO Go and it allows access to your mic, camera, messages, and more.
No matter what you're doing, if you have WhatsApp installed on your phone, you should update it now. In early May, Facebook discovered the vulnerability that would allow commercial-grade spyware to be installed on your phone through a call using WhatsApp.
While most spyware requires some action on the user's part, this new vulnerability did not. All that was required was to place a call to a phone with WhatsApp installed, you didn't even have to answer or interact with the call.
The software in question is believed to be called "Pegasus" and comes from Israeli-based company NSO Group. Once installed, Pegasus has the ability to turn on the mic or camera on your device, as well as gain access to your photos, messages, location data, and emails. It can even edit the call log to erase all traces that it was installed.
It took Facebook less than 10 days to fix the exploit with a server-side fix, along with an update to the app last Friday which further secures you against the attack.
The vulnerability affected users of WhatsApp on all platforms, meaning you need to update your app immediately if you still have one of the versions prior to the following.
- WhatsApp for Android v2.19.134
- WhatsApp Business for Android v2.19.44
- WhatsApp for iOS v2.19.51
- WhatsApp Business for iOS v2.19.51
- WhatsApp for Windows Phone v2.18.348
- WhatsApp for Tizen v2.18.15
Even though Facebook does not directly name the NSO Group, it appears to be the most likely culprit. A statement released from Facebook read:
This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.
The NSO Group has been known to work with governments in the past to target reporters or dissidents. It is believed that was also the case here and the attack was used against specific targets.
When speaking to the Financial Times, NSO Group said that it vets its customers and investigates abuse, but it is also careful to not involve itself with the actual applications of its software.
This is another reminder of how important it is to keep all the apps on your phone updated. Make sure to check for updates regularly and prevent leaving your phone open to security vulnerabilities.