Warning Issued To WhatsApp Users To Update App
WhatsApp users are being warned to update their apps on their phones and tablets after a vulnerability was discovered which could allow hackers to install malicious software.
The company has confirmed that cyber attackers were able to install spyware through the vulnerability, and fears that dozens of users may have been targeted in the attack, including a UK lawyer.
The attack was discovered earlier this month and has now been fixed, but users are still being urged to ensure their app is updated to the latest version so that they are protected.
It's believed the malicious spyware was spread through the app by its voice call feature. WhatsApp said it was "deeply concerned" about the vulnerability.
"We believe a select number of users were targeted through this vulnerability by an advanced cyber actor," WhatsApp told the Financial Times in a statement.
The tech company continued: "This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.
"We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society."
WhatsApp is a free mobile messaging app which uses mobile data or Wifi to send pictures, videos, voice notes, and texts. The app is owned by Facebook and was set up in January 2009 - it claims to have 1.5 billion users around the world.
If you use an iPhone handset, you can update the app simply through the App Store - click on 'Updates' at the bottom of the screen and find WhatsApp's update button.
Android users can do the same through the Google Play Store, updating through 'My Apps and Games'.
It's unclear who carried out the hack, although the attacker has been described as an "advanced cyber actor".
It has been reported that the spyware used was developed by NSO Group, an Israeli cybersecurity and intelligence company - however, the company has categorically denied any involvement.
NSO Group said: "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.
"NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual (the UK lawyer)."
It's too early to know whether you've been affected by the hack, so just ensure your app is updated for now.
Featured Image Credit: Unsplash/Christian Wiediger