On Tuesday, WhatsApp discovered a bug in its system that allowed hackers to install spyware on users’ phones. This could be done simply through a phone call even if the user didn’t pick up. Although not specified, it is believed that the hackers were after sensitive user information such as bank details and addresses. Because of this, the company urged its users to update to the latest version of the software as soon as possible.
Why it’s important?
Having such a huge platform – like WhatsApp — be vulnerable to attacks is alarming, it’s a huge invasion of our collective privacy and security. And it’s estimated that a whopping 1.5 billion users are at risk, businesses and individuals alike. This bug would make confidential company information and personal data ripe for the taking by determined hackers seeking to exploit the situation – and most users wouldn’t even know it. Once the scam call has been made to someone’s phone, all evidence of the number is deleted off the affected user’s call log. This makes it impossible for the user or anyone at all for the matter, to trace the number back to the attacker.
What the expert had to say:
Our client Chris Boyd, lead malware intelligence analyst at Malwarebytes had this to say about the bug, “This attack is enormously worrying for anyone using WhatsApp on a phone alongside sensitive information. Even without that, access to a camera and a microphone is a major privacy concern and everybody should upgrade to the newest version as soon as possible. The really impressive thing here is that the WhatsApp team discovered this attack at all, given no click to install is required.”
Chris added, “If your apps and devices are set to update automatically, you should be good to go. If not, go and update manually as soon as possible. As mentioned earlier, you probably shouldn’t worry about having been infected, as it seems to have been a carefully targeted attack. There’s an excellent chance you’re not on the radar.”