WhatsApp is urgently looking for a security fix to a bug they believe could be putting malicious code and spyware on people’s phones without them knowing.
The code is reportedly being sent to target phones through ringing them, however, the target phone doesn’t even need to be answered for the software to be sent over. The Financial Times even reported that the call might disappear from your call log, leaving little trace that the software is or isn’t on your phone.
In a statement from WhatsApp, they said:
“We believe a select number of users were targeted through this vulnerability by an advanced cyber actor. This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.
“We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.”
It is believed that this security breach could affect over 1.5 billion users (basically, everyone who users the app). The Citizen Lab, a research group at the University of Toronto is trying to get to the bottom of the problem, blocking and investigating people they find to be breaching the security threat.
More to follow.
