WhatsApp confirms cyber surveillance attack

A vulnerability in the messaging app has allowed hackers to install surveillance software on phones and other devices.

In early May, it was discovered by WhatsApp’s security team, that attackers were able to install surveillance software on both iPhones and Android phones by ringing a target’s device. Even if the call was not picked up, the malicious software could immediately be installed, and often the call disappeared from the call logs.

The attack was developed by the Israeli company NSO Group. WhatsApp disclosed that the attack targeted a “select number” of users. Although it is too early in the investigations to state a definite number on how many phones were targeted.

NSO’s flagship product is Pegasus, a program that has the ability to collect intimate and sensitive data from a target device, including obtaining data through the microphone and camera and collecting location data.

Danna Ingleton, deputy programme director for Amnesty Tech said:

“They’re able to infect your phone without you actually taking an action.”

WhatsApp disclosed the attack to the US Department of Justice last week and began rolling out a fix to its servers on Friday last week, and on Monday customers were issued a patch.

WhatsApp said:

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.

“We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.”

NSO responded:

“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.”

“NSO would not, or could not, use its technology in its own right to target any person or organisation.”

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.

Latest articles

5G will advance all of society as we know it

How empathy, ahead of tech, will be the key driver of business recovery post-coronavirus

Automation: a faceless route to customer alienation or a productivity driver?

The importance of data collaboration for marketers

Post-lockdown â€“ planning for your businessâ€™ road to recovery

The 4Ps plus purpose are the key to thriving in the 2020s

Join todayâ€™s data privacy and cyber security virtual event

Behavioural change, nudge theory and ultimate benefit â€“ why isnâ€™t the trial COVID tracking app harnessing the best in tech?

Turning Global Data Protection Into Global Opportunity

Weathering the storm: How cloud technology can help marketers to succeed remotely

Data Legislation Education: Businesses Must Boost Knowledge

Are you a digital polluter? Why advertisers must now end online waste in order to survive

Three key questions businesses should ask themselves before investing in AI tech

Hidden stakeholders: Why CISOs hold the key to successful digital transformation

The IAB Europe Guide to Cookies: Privacy Promises Should Do More Than Crumble

WhatsApp confirms cyber surveillance attack

By Meera Narendra

Posted in Mobile on 14 May 2019, 09:00, 0 Comments.