WhatsApp has not disclosed the number of people that may have been affected by the vulnerability. It said that an investigation is being carried out, and the company has provided necessary information to US law enforcement agencies.
WhatsApp on Tuesday urged its 1.5 billion users to update the messaging app immediately because of a major security bug. The Facebook-owned platform discovered a vulnerability in the code that allowed a spyware to be installed on a user’s phone through a WhatsApp voice call, whether the call was answered or not. This spyware named Pegasus could potentially extract all the WhatsApp data from your smartphone, which include text messages, GPS location, email, browser history, images and more. Apparently, the spyware was developed by an Israeli cyber intelligence company for NSO Group, FT reported.
WhatsApp, however, did not disclose any of the number of people that may have been affected by the vulnerability. It said that an investigation is being carried out, and the company has provided necessary information to US law enforcement agencies. The messaging company has already identified and fixed the vulnerability, and has asked all its users to update the app immediately. The vulnerability was reportedly discovered last month.
“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices. We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users,” WhatsApp spokesperson noted in a statement.
It’s been reported that the spyware installed via voice call doesn’t affect WhatsApp’s end-to-end encrypted text chats, but all other personal data like regular text messages (SMS), images, GPS location, email, browser history and more could be potentially extracted via the software.