WhatsApp has recommended its 1.5 billion users to immediately upgrade the app after the Facebook-owned platform discovered a vulnerability that allowed a spyware to be installed on users’ phones via the app’s phone call function.
According to the reports of Financial Times, the spyware was allegedly developed by the Israeli cyber intelligence company NSO Group. They works for the government, looking to infect targets of investigations and get access to various aspects of their devices.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the WhatsApp quoted without mentioning the NSO Group.
The vulnerability grasp a bug in WhatsApp’s audio call feature, facilitating the installation of spyware on the users device on both iPhones and Android phones by ringing up targets using the app’s phone call function whether the call was answered or not.
It is not clear how widespread the attack was but it appears to have already been used on various phones.
According to the Financial Times, the same vulnerability was used to attempt attack on a lawyer’s phone in United Kingdom on May 12. The lawyer was involved in a lawsuit against NSO brought by a group of Mexican journalists, Saudi Arabian dissident and government critics.