WhatsApp exploit allowed targeted surveillance of Android users

Damien Wilde | May 14 2019 - 5:09 am PT

A recent exploit discovered within WhatsApp messenger has found that hackers could install surveillance software remotely on devices running the non-patched app.

WhatsApp, owned by Facebook, has said that the exploit was used to target a “select number” of users, and was conducted by “an advanced cyber actor”. It is believed that this exploit was developed by Israeli security firm NSO Group according to the Financial Times (via BBC).

A fix was quick to roll out, which was released on Friday. WhatsApp execs have been quick to suggest that users install the latest app build via on their preferred device App Store.

The surveillance software could be remotely installed by using the WhatsApp VOIP calling option. Attackers were able to install any software simply by calling a potential victims’ phone even if the potential victim did not pick up the call or rejected it.

What seems more menacing is that this call would not appear within the WhatsApp call log, meaning the users would be completely unaware of any potential attack. It is not immediately clear how many devices were affected or infected via this exploit.

Affected Versions: The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Facebook has since confirmed the attack in a security notice posted on their dedicated Security sub-domain. It states that those running builds prior to v2.19.134 on Android and those prior to v2.19.51 on iOS should update their apps immediately.

With WhatsApp promoting itself as a secure messaging platform and offering end-to-end encryption for private messages, this is a major blow. If you are running an older build it is important to update as soon as possible.