After discovering the vulnerability that had allowed spyware to be injected in the user’s phone through the applications phone call function, Whatsapp is now recommending the users to update their app for the latest version. The spyware had been developed by the NSO group Israeli cyber intelligence company as per the Financial Times that had initially reported about the vulnerability.
As per the reports, the attackers were able to transfer the malicious code to a specific target device by calling the user and infecting the call regardless if the recipient had answered the call or not.
People also noticed that there call logs were erased often. Whatsapp had said that this vulnerability had been discovered this month. The company had quickly addressed the specific issue by taking appropriate action within its own infrastructure. They had also published an update on their app on Monday. The company since then is encouraging the users for up gradation as caution.
CVE notice
Whatsapp has also alerted the US law enforcement regarding this exploitation. Whatsapp has also published a CVE notice for the same. They have simultaneously published an advisory to the experts of cyber security so that they are alert for this kind of common exposures and vulnerabilities.
As per the reports by FT on the 12th of May, the vulnerability was done as an attempt to attack the phone of an attorney that is UK based. It is said that the lawyer was involved with a lawsuit. It was against the NSO that was brought by government critics, Mexican journalists and also the Saudi Arabian dissidents.
WhatsApp in their statement had said that the attacks have all of the hallmarks that are of a private company. It also works with the government for delivering the spyware that takes over the different functions of the mobile operating systems.
