Yikes, WhatsApp exploit allowed spyware to be installed with a phone call
A WhatsApp vulnerability allowed attackers to remotely install spyware onto phones — by simply calling them.
First reported by the Financial Times and confirmed by WhatsApp, the issue was discovered in early May and was promptly fixed by the company.
The Facebook-owned messaging service said it believed certain users were targeted through the vulnerability by an advanced cyber actor.
As noted by the Financial Times, the spyware was developed by the Israeli cyber intelligence firm NSO Group. The malicious code could be inserted via a voice call, even if the recipient didn’t answer their phone, and the call would disappear from logs. Read more…