WhatsApp Uncovers New Surveillance Attack
Targeted Surveillance Hackers Tap into WhatsApp
If you’ve been paying attention to WhatsApp’s recent appearances on the news, you’ll know that the company has recently uncovered a targeted surveillance attack in their systems, intended to collect information about certain users. According to an official statement from WhatsApp, hackers were somehow able to remotely install software into phones and other devices using the WhatsApp communication tool.
The hackers got access to WhatsApp through a major vulnerability in the software. The WhatsApp team, now owned by Facebook, announced that the cybercriminals have targeted a specific number of users and that the whole event was orchestrated by a “sophisticated” individual.
A fix was rolled out for the surveillance attack very quickly, but WhatsApp isn’t taking any chances. The company has urged more than 1.5 billion users to update their apps, as promptly as possible.
How to Update Your WhatsApp
To update WhatsApp on an Android phone, go to the Google Play store, and click on the menu option. Tap on “My Apps and Games.” If your WhatsApp tool has already been updated recently, then it will have a button next to it that says “Open.” If you need to update your app, the button will read “Update” instead. The latest version you need is 2.19.134.
If you’re an iPhone user, you’ll need to visit the App store and click on Updates at the bottom of the screen. Again, like with Android users, if you’ve already updated your app recently, it will have a button next to it that reads “Open.” If the button says “Update,” tap it to upgrade to version 2.19.51.
According to recent press releases, the surveillance software used in the attack was developed by the NSO Israeli firm. The flaw that allowed the hackers to get into WhatsApp was discovered by Facebook earlier in May, and some users have questioned how much the company is doing to protect them now that Facebook is in charge.
How Did the WhatsApp Security Flaw Let Hackers In?
The attackers in the most recent scandal used the voice calling function on WhatsApp to call a target’s device. Even if you didn’t pick up the call, the surveillance software would still install into your phone. WhatsApp told the media that the attack has all the hallmarks of the private company in Israel, the “NSO Group.”
WhatsApp also published an advisory to security experts, describing the issue as a “buffer overflow vulnerability” in the WhatsApp VoIP systems. According to some specialist, the attack is quite an “old fashioned” way to try and access data.
WhatsApp claims that it is still too early to know how many people have been affected by the attack so far. However, the attacks were “highly targeted.” One of the people targeted was a lawyer currently involved in a lawsuit against the NSO Group.
A Tel Aviv court will be hearing a petition on the 21st of May this month led by the Amnesty International Group, which will ask for the Israel Ministry of Defense to revoke the NSO Group’s license to export products.