WhatsAppenin’?

WhatsApp is urging its 1.5 billion global users to update its app immediately to avoid the possibility of becoming the latest target in a spyware scandal. After Monday’s scare, I think it’s time to heed their warning. 

According to security researchers, the spyware was developed by Israel’s secretive NSO group and can be installed without anyone even knowing it’s there. WhatsApp has confirmed this and insisted that we all get the latest update.

Once installed, the spyware is able to initiate your phone’s camera and mic, skim your emails and messages, and even find out where exactly in the world you are.

In a statement the company said: “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”

So far a UK-based human rights lawyer has been hit by the NSO’s flagship Pegasus program but this attack was thwarted by WhatsApp themselves. They’ve in turn launched an investigation into the situation but have not been able to determine how many phones have been targeted.

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” said WhatsApp in a statement provided to The Financial Times. “We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.”

But the NSO says it only trades with governments and law enforcement agencies in the hope of fighting terrorism and crime. And yet, the company’s spyware finds itself in the wrong hands.

The vulnerability exists in the following versions:

• WhatsApp for Android prior to v2.19.134
• WhatsApp Business for Android prior to v2.19.44
• WhatsApp for iOS prior to v2.19.51
• WhatsApp Business for iOS prior to v2.19.51
• WhatsApp for Windows Phone prior to v2.18.348
• WhatsApp for Tizen prior to v2.18.15

How do you know you’ve been hacked?

It is extremely unlikely that anyone reading this has been hacked. WhatsApp is estimating that the number of people affected by this is in the dozens.

But how do you know you’ve been hacked? You don’t!

There are certain things that COULD mean you’ve been hacked so keep an eye out for.

• Large amounts of data being sent by your phone
• Battery depleting rapidly

What to do:

Facebook have implemented a change to help protect users and pushed out updates for the various versions on Monday.

Users are strongly advised to check for updates manually through their relevant app stores.

Failing that, uninstalling WhatsApp from your phone will protect you from the attack completely.

For more on being hacked, click here.