Update WhatApp to save data from Spyware Attack
Yes! You need to update your WhatsApp, latest version of the app after discovering a vulnerability that allowed spyware to be injected into a user’s phone through the app’s phone call function.
Israeli cyber intelligence company NSO Group has developed it, according to the Financial Times, which first reported the vulnerability.The malicious code can be transferred to a target’s device by calling the user and infecting the call whether or not the recipient answered the call. According to the report, Logs of the incoming calls were often erased,
WhatsApp published CVE notice for spyware
WhatsApp said that we have discovered this vulnerability this month only, and that the company quickly addressed the problem within its own infrastructure. On Monday an update to the app was published, and the company is encouraging users to upgrade out of an abundance of caution.A notice name “CVE notice” has also published alerting by US law enforcement to the exploit, and published a “CVE notice”, an advisory to other cyber security experts alerting them to “common vulnerabilities and exposures”.
What is WhatApp doing for safety from Spyware Attack?
Even after such big step, The company said “ WhatsApp spyware is sophisticated & would be available to only advanced and highly motivated actors”. Also adding the statement “select number of users were targeted.”
WhatsApp has already did their bit by briefing human rights organizations on the matter, but did not identify them.A research group at the University of Toronto name ‘The Citizen Lab’, said in a tweet it believed an attacker tried to target a human rights lawyer but as whatsapp got to know this, it was blocked by WhatsApp.
How WhatsApp Spyware Attack Occurred?
On 12 May, An attack was attempted on the phone of a UK-based attorney, the FT reported. The lawyer is also identified but his name is not yet enclosed, is involved in a lawsuit against NSO brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement. “A number of human rights organizations have briefed to share the information we can and to work with them to notify civil society.”
Guardian’s request was not immediately attended by the NSO Group for a comment. The company told it was investigating the WhatsApp attacks.