WhatsApp Spyware Vulnerabilities Exposed In Recent Malware Attack

WhatsApp officials have confirmed that Facebook’s subsidiary organisation has exposed their 1.5 billion users to a potential malware attack following a recent cyber attack.

It is thought that an unknown number of smartphones have become vulnerable to a sneaky piece of spyware since the beginning of May 2019.

The Financial Times first broke the story that malware was able to install the surveillance system by using WhatsApp’s caller service.

User’s phone numbers were called, the technology was installed remotely and then the records of the phone calls were deleted, making it very hard to detect whether the smartphone had fallen victim to the sophisticated scam that allowed the hackers access to location data and private messages.

The spyware was developed by the Israeli cyber company NSO Group. It is thought that this type of technology is usually reserved to targeting threats of national security as opposed to the general populace. The NSO only license their products to government agencies fighting crime and terror.

WhatsApp experts have neutralised the spyware and all updated versions of WhatsApp will ensure that the spyware becomes unusable.

As law firms will often communicate through this technology and by using smart devices, it is imperative that all devices are updated immediately to ensure cyber criminals are unable to steal any further data.

A statement from WhatsApp representatives, commented:

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.

“The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15,”

“We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices. We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users.”

Does your law firm use WhatsApp to communicate internally? Could your employees have communicated client information within a WhatsApp message? Have you ensured that all employees have updated their smartphone apps?

Rate this article: