Facebook’s WhatsApp urged users to upgrade to the latest version of its popular messaging app after reporting that users might be vulnerable to having malicious spyware installed on phones without their knowledge.
Earlier, the Financial Times (FT) reported that a vulnerability in WhatsApp allowed attackers to inject spyware on phones by ringing up targets using the app’s phone call function.
It said the spyware was developed by Israeli cyber surveillance company NSO Group and affects both Android and iPhones. The FT said WhatsApp could not yet give an estimate for how many phones were targeted.
Facebook has suffered a multitude of security and privacy breaches in the last year, but this news that a government-grade intelligence collection application had targeted the company’s WhatsApp application is different.
WhatsApp is Facebook’s flagship messaging application and is lauded for its end-to-end encryption, both for messaging and voice calls. As a result, it has become a standard communications platform for government and security officials in many countries around the world.
WhatsApp engineers had been working round the clock to close the security loophole that was discovered early this month, and the company started to deploy a fix to servers on Friday and to customers on Monday.