WhatsApp users targeted by spyware via in-app phone call prompting upgrade calls

Posted by
WhatsApp said it first discovered the issue in early May.

Some WhatsApp users may have had their phones infected with sophisticated spyware through a missed in-app call alone, the company says.

Key points:

  • WhatsApp says an unknown number of people were infected with the malware
  • It was transmitted when attackers called a target’s device, whether or not they answered
  • The popular messaging service says it quickly resolved the issue, and is now urging people to upgrade to the latest version of the app

The popular messaging service said “an advanced cyber actor” infected an unknown number of people with the malware, which was discovered in early May. 

A WhatsApp spokesman, who would not be further identified, said an amount “in the dozens at least” would not be inaccurate.

The company said it has since quickly resolved the issue and pushed out a patch. 

“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” it said in a statement.

The spyware was able to be transmitted when attackers called a target’s device, irrespective of whether or not they answered the call.

Logs of incoming calls were also erased, according to the Financial Times, which first reported the breach.

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company told the Financial Times.

“We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.”

The Financial Times identified the company as Israel’s NSO Group, whose Pegasus software is known to have been used against human rights activists.

Amnesty International, which has previously reported being targeted by the software, is currently supporting legal action that would compel the Israeli Ministry of Defence to revoke the export license of NSO Group due to its “chilling attacks on human rights defenders around the world”.

The WhatsApp app logo is seen on a smartphone.

“NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics,” said Danna Ingleton, deputy director of Amnesty Tech.

NSO Group told the Financial Times it was investigating the issue and under no circumstances would it “be involved in the operating or identifying of targets of its technology”, which it said was solely operated by intelligence and law enforcement agencies.

Advertisements