WhatsApp is encouraging users to update to the latest version of the app after discovering a vulnerability that allowed spyware to be injected into a user’s phone through the app’s phone call function.
The spyware was developed by the Israeli cyberintelligence company NSO Group, according to the Financial Times, which first reported the vulnerability.
Attackers could transmit the malicious code to a target’s device by calling the user, whether or not the recipient answered the call.
Logs of the incoming calls were often erased, the report said.
WhatsApp said that the vulnerability was discovered this month and that the company quickly addressed the problem within its own infrastructure.
An update to the app was released on Monday and the company is encouraging users to upgrade out of an abundance of caution.
The company has also alerted US law enforcement to the exploit and published a “CVE notice,” an advisory to other cybersecurity experts alerting them to “common vulnerabilities and exposures.”
The vulnerability was used in an attempted attack on the smartphone of a UK-based attorney on Sunday, the Financial Times reported.
The lawyer, who was not identified by name, is involved in a lawsuit against NSO Group brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement.
“We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society,” it said.
NSO Group told the Financial Times that it was investigating the WhatsApp attacks.
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” NSO Group told the newspaper.
“NSO would not, or could not, use its technology in its own right to target any person or organization, including this individual,” it said.
NSO Group limits sales of its spyware, Pegasus, to state intelligence agencies.
The spyware’s capabilities are near absolute.
Once installed on a smartphone, the software can extract all of the data that is already on the device (text messages, contacts, GPS location, e-mail, browser history, etc) in addition to creating new data by using the phone’s microphone and camera to record the user’s surroundings and ambient sounds, a 2016 report by the New York Times said.
WhatsApp has about 1.5 billion users worldwide.
NPP WARNING: The NPP’s chairman said that a security law proposed by Beijing means it has renounced its promise to maintain ‘one country, two systems’ in HK The Taiwan People’s Party (TPP) yesterday proposed changing the law to provide protection for those seeking political asylum. China at the opening of the National People’s Congress in Beijing on Thursday introduced a draft security law for Hong Kong to ban treason, subversion and sedition, with a review expected next week. TPP caucus whip Jang Chyi-lu (張其祿) said that the party is concerned about democracy advocates in Hong Kong and has taken action to support them. The party has proposed an amendment to Article 18 of the Act Governing Relations with Hong Kong and Macau (香港澳門關係條例), which stipulates that the government can offer
The number of people from Hong Kong applying for residency in Taiwan last year rose 41 percent from a year earlier to 5,858, National Immigration Agency statistics showed. The statistics also showed that 600 applications were filed by Hong Kong residents in the first quarter of this year — three times the number filed in the same period last year — with applicants apparently not deterred by the COVID-19 pandemic. Just one day after it was reported that the Chinese government plans to enact new national security laws in Hong Kong, inquiries regarding immigration to Taiwan grew 10-fold, a Hong Kong-based immigration
‘BEGINNING OF THE END’: Democracy advocate Joshua Wong urged Hong Kongers to stand up and fight, and let the Chinese government know that they will not cave Hong Kong protesters yesterday battled with riot police in busy downtown areas, showing their opposition toward China’s dramatic move to crack down on dissent in the biggest demonstration since the coronavirus swept through the territory in January. Police deployed a water cannon and fired tear gas in the Causeway Bay shopping area after hundreds of protesters had gathered to oppose new national security legislation from China. Police warned the crowd they were taking part in an illegal gathering, and later said in a statement that “rioters threw umbrellas, water bottles and other objects at them.” At least 120 people were arrested,
‘TAIWAN IS SAFE’: As there have been no new local cases for 42 days, people should feel free to travel around the nation — as long as they follow disease prevention rules No new cases of COVID-19 were reported yesterday and only 20 of the people hospitalized after testing positive are still being treated in hospitals, Minister of Health and Welfare Chen Shih-chung (陳時中) said yesterday in Pingtung County’s Kenting (墾丁) as he promoted a “new disease prevention lifestyle” for the nation. As yesterday was the 42nd consecutive day with no new domestic cases, and experts consider 28 consecutive days with no domestic case — the span of two incubation periods — a sign that a community is relatively safe, Taiwan is safe, said Chen, who heads the Central Epidemic Command Center (CECC),