It has been confirmed today that hackers were able to remotely install software on phones and other devices using a major vulnerability in messaging app WhatsApp. The surveillance software involved was developed by Israeli firm NSO Group, according to a report in the Financial Times. On Monday, WhatsApp urged all of its 1.5 billion users to update their apps as an added precaution.
The victim doesn’t need to do a thing other than leaving their phone on. To carry out the attack, a hacker has to manipulate data sent during the process of beginning a voice call with the target. Once the packets are received by the victim’s device, a memory buffer within WhatsApp is forced to overflow, overwriting other parts of the app’s memory and leading to the hacker gaining access to the chat application.
The NSO group, an Israeli-based but American-owned company, specialises in creating what it calls tools against crime and terrorism. But the security researchers call them something else: a cyber arms dealer.
WhatsApp said it was too early to know how many users had been affected by the vulnerability, although it added that suspected attacks were highly-targeted. According to the New York Times, one of the people targeted was a London-based lawyer involved in a lawsuit against the NSO Group.
How to update WhatsApp
On Android
- Open the Google Play store
- Tap the menu at the top left of the screen
- Tap My Apps & Games
- If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
- If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
- The latest version of WhatsApp on Android is 2.19.134
On iOS (iPhone, iPad)
- Open the App Store
- At the bottom of the screen, tap Updates
- If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
- If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
- The latest version of WhatsApp on iOS is 2.19.51