grandeduc - Fotolia

Spyware targets WhatsApp users

Social media platform issues update after it discovered a flaw being exploited by commercial spyware

WhatsApp has been forced to issue an update after spyware was discovered exploiting a vulnerability in the social media platform.

On its Twitter feed, Citizen Lab reported that WhatsApp had pushed out updates to close a vulnerability. “We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer,” it said. “Now is a great time to update your WhatsApp software.”

According to a report in the Financial Times, the vulnerability in WhatsApp was exploited by a commercial spyware software provider called NSO, which sells software called Pegasus to governments and law enforcement agencies.

On its website, the NSO Group describes its products as technology that helps government intelligence and law enforcement agencies prevent and investigate terrorism and crime. The group was established in 2014 from the combination of Israeli and European cyber technology companies.

According to reports across the internet, NSO’s Pegasus software has previously been used to attack the iPhone of UAE-based human rights activist Ahmed Mansoor.

In 2017, Kasperky Labs’ John Snow blogged: “As for surveillance, let’s be clear: we’re talking total surveillance. Pegasus is modular malware. After scanning the target’s device, it installs the necessary modules to read the user’s messages and mail, listen to calls, capture screenshots, log pressed keys, exfiltrate browser history, contacts, and so on and so forth. Basically, it can spy on every aspect of the target’s life.

“It’s also noteworthy that Pegasus could even listen to encrypted audio streams and read encrypted messages – thanks to its keylogging and audio recording capabilities, it was stealing messages before they were encrypted (and, for incoming messages, after decryption).”

Commenting on the WhatsApp flaw, Ronald Deibert, professor of political science at Munk School of Global Affairs & Public Policy, University of Toronto, who heads up Citizen Lab, tweeted: “This is like the ‘nuclear’ option of spyware – no click. No need to trick someone. No social engineering. Just ring a phone. NSO’s ‘no-click’ spyware variant exploited a vulnerability in WhatsApp. Update your software now.”

Read more about Spyware

Read more on Social media technology