WhatsApp bug let attackers install spyware, here’s what to do
Facebook-owned WhatsApp suffered a major security breach which allowed hackers to install spyware on devices. WhatsApp has fixed the vulnerability but the number of affected users is still unknown.
This bug exploited a loophole in WhatsApp's audio call feature which allowed hackers to install spyware in the recipient's device. The spyware was installed even if the WhatsApp audio call was not answered, Tech Crunch reported. WhatsApp did not disclose the number of affected users, but said that the margin is pretty low.
The security bug was discovered by WhatsApp when "our team was putting some additional security enhancements to our voice calls," Associated Press quotes a WhatsApp spokesperson. He further said that the affected users may have received calls from unknown numbers. "In the process of calling, this code gets shipped," the WhatsApp spokesperson added.
In a report shared on Facebook, the company lists the affected devices. The issue affects WhatsApp on Android prior to v2.19.134 and WhatsApp Business for Android prior to v2.19.44. iPhones were affected as well with WhatsApp for iOS prior to v2.19.51, and WhatsApp Business for iOS prior to v2.19.51.
The almost redundant WhatsApp for Windows Phone prior to v2.18.348 and WhatsApp for Tizen prior to v2.18.15 was also affected.
What to do
There's no way to find out if your device has been affected with the WhatsApp. However, WhatsApp urges users to download the latest update of the app on their devices.
The Financial Times first reported the story and named Israel's cyber intelligence NSO Group behind the attack. WhatsApp hasn't denied or confirmed on the same as yet. If true, the breach goes beyond casual hacking and leads to something even more dangerous. The NSO Group is known for their spyware which can hack smartphones and take control of their cameras.