JOHANNESBURG – WhatsApp urged its 1.5-billion users globally to update their app after discovering a vulnerability allowing spyware to be installed on devices.
According to the Financial Times, the attack was developed by Israeli security firm NSO Group.
The spyware would be installed on phones by phoning devices using WhatsApp.
The messaging giant reportedly discovered the vulnerability earlier this month and created a fix which was published on Monday.
The Guardian quoted a statement from WhatsApp saying, “The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems. We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society.”
NSO reportedly sells its spyware – Pegasus, to state intelligence agenices. The Guardian reports that once installed on the phone, the software could extract all of the data that's already on the device (text messages, contacts, GPS location, email, browser history etc) in addition to creating new data by using the phone's microphone and camera to record the user's surroundings.
In a statement, NSO said its technology was licensed to authorised government agencies for the sole purpose of fighting crime and terror.