WhatsApp has today disclosed that a vulnerability allowed hackers to install national grade spyware on phones. The vulnerability was discovered in May this year and exploited a flaw in the audio call feature of the messaging app. The caller was able to install the spyware on the affected phones even though the receiver declined the call.
The spyware installed on the phones is called ‘Pegasus’ which is a creation of Israeli cyber-intelligence company NSO. WhatsApp did not mention NSO in its official statement, but it was evident from the statement.
“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.”
The Facebook-owned company also did not mention the number of affected users but said that the hackers installed the spyware on a few targeted devices.
It is too soon to confirm the data obtained by the hackers in the attack and the exact number of affected users.
According to WhatsApp, as soon as the company discovered the flaw and the targeted attack, it took strict measures within the next 10 days. The company has asked its 1.5 billion users to update the app to its latest version.