WhatsApp spyware attack: Everything you need to know

If you are one of the 1.5 billion users of popular messaging app WhatsApp, be aware that a newly discovered vulnerability could leave you open to a vicious spyware attack. It doesn't matter if you avoid clicking fraudulent links, avoid visiting insecure sites, avoid downloading suspicious applications, and follow all other security measures — you are vulnerable. Scary, right? Read on.

About the vulnerability

WhatsApp is the world’s largest and most widely used messaging application. This Facebook-owned app, which uses end-to-end encryption and was considered to be secure until now, has been breached by a spyware known as Pegasus. According to a report from the Financial Times, WhatsApp can be exploited by the spyware, which was developed by an Israel-based cyber-intelligence company called NSO.

The spyware is said to affect both WhatsApp and WhatsApp Business accounts. This is one of the largest zero-day bugs in recent times. A zero-day vulnerability is one in which an attacker exploits a security hole before the company patches it.

Once affected, the spyware can access the user’s data such as calls, texts, and other sensitive information on the device. The spyware is also capable of accessing the device’s microphone and camera to capture new information or perform other malicious activities.

Attackers installed the Pegasus spyware in the users’ devices through an infected WhatsApp call. The devices will be affected irrespective of whether the user answers the call or not. Moreover, according to the report from Financial Times, the infected call does not even get stored in the call logs.

Are you a victim?

Unlike most other cyberattacks, Pegasus has nothing to do with the user’s security or the device’s security. According to Facebook, all smartphones running on various operating systems including Android, iOS, Windows, or Tizen OS can be victimized by the malware.

As per the Financial Times, the bug was released in an attempt to gain access to the data on the phone of a UK-based human rights lawyer. This is not the first time a human-rights organization has been the victim of an attack. When asked about the number of users affected by the attack, a spokesperson from WhatsApp said, “A number in the dozens would not be inaccurate.” Although the exact number of victims is not known yet, some of the targets could potentially be high-profile users who deal with sensitive information. If you've received any such call, then you could possibly be a victim.

How to protect yourself

Facebook has confirmed that they have fixed the issue and have implemented server-side changes. The company has also pushed out the fixed and updated version of WhatsApp and WhatsApp Business applications across all the platforms.

In order to stay safe, users need to check for updates and install the latest version of the application. The patched version is now available on PlayStore, AppStore, Microsoft app store, and the Samsung’s Galaxy app store. If you cannot find the updated version, users can always head to WhatsApp’s official site and download the most recent and updated version of the app for devices.

Failing that, users can also simply uninstall the application.

Is end-to-end encryption safe?

End-to-end encryption has become a marketing term for most companies providing a social messaging platform. The messages and data sent using an end-to-end secure channel make it difficult for hackers to decrypt. However, hackers can read the data without having to decrypt it if the malware gets into the phone’s operating system.

Various companies provide different security mechanisms to ensure the safety and security of users’ data. However, all these security measures work merely on the application-level. Once attackers gain access to the device’s operating system, they gain control over all the entire device. The hackers can then use the device’s abilities to record keystrokes, inputs, capture screen recordings, and more regardless of the app’s security measures.

Cybersecurity is a never-ending war between cybercriminals and InfoSec experts. No matter how secure a system is, it is just a matter of time for hackers to find a loophole to cash in the vulnerabilities. We, as end users, need to make sure that the basics are followed and applied right. Staying up-to-date in terms of updates and security patches for applications is an absolute essential.

Featured image: Shutterstock

Sukesh Mudrakola

Sukesh is a computer science graduate by profession and an IT enterprise and tech enthusiast by passion. He holds an expertise in mobile and wearable technologies and is an avid Android fan.

Published by
Sukesh Mudrakola

Recent Posts

Hardware RAID vs. software RAID: Pros and cons for each

RAID is a technique to virtualize independent disks into arrays for improved performance. Should you…

1 day ago

After the plague: What IT will look like in a post-COVID-19 world

COVID-19 has changed everything, but once it disappears, we will not go back to how…

1 day ago

Solved: Outlook defaults to Microsoft 365 version with Exchange server

An Exchange server with a hybrid connection to Microsoft 365 is usually pretty seamless —…

1 day ago

How chatbots are changing the way teams communicate internally

Chatots are primarily thought of as consumer-facing solutions. They bring life to customer interactions by…

2 days ago

Hakbit ransomware campaign targeting specific European countries

The newly uncovered Hakbit ransomware campaign spread via spear-phishing emails may indicate a shift in…

2 days ago

Credential stuffing: Everything you need to know to avoid being a victim

Credential stuffing is yet another weapon being used by cybercriminals. Here’s what credential stuffing is…

2 days ago