- 15-year-old Smash Bros. prodigy caught using racist slur in private Discord server 2 Months Ago
- Instagram users who post pet pictures more likely to get hacked 2 Months Ago
- Post-Prime Day recap: Shipping delays, more sales, and a scam Today 3:08 PM
- Jacob Wohl returns to Twitter … for now Today 1:56 PM
- How to stream WWE Raw Reunion Today 1:35 PM
- ‘I hope Trump deports you’: Woman goes on racist rant to Spanish speakers at a store Today 1:24 PM
- Emoji Mashup Bot gives life to unidentifiable emotions Today 1:15 PM
- Notorious grifter Anna Sorokin reportedly blocked from profiting off Netflix series Today 12:45 PM
- Charlottesville attacker’s Twitter account included praise for Hitler Today 12:10 PM
- ‘Short Treks’ trailer: Spock, Pike, and Number One return Today 11:57 AM
- Everything we know about ‘Star Trek: Lower Decks,’ the new animated show Today 11:55 AM
- Cole Carrigan says he left Team 10 after being called homophobic slur Today 11:32 AM
- Cop under investigation after implying Ocasio-Cortez should be shot Today 11:07 AM
- The ‘Big Little Lies’ finale sucked—but at least we have Renata Today 11:01 AM
- Wendy Davis announces she’s running for Congress Today 10:45 AM
Christoph Scholz/Flickr (CC-BY-SA)
A severe vulnerability in the popular messaging platform WhatsApp allowed hackers to remotely compromise phones just by calling them.
The issue, first reported by the Financial Times, allowed hackers to take over both iPhone and Android devices and install powerful malware even if the target did not answer the call.
Once installed, the malware could do everything from collect private messages to activate the phone’s microphone and camera.
WhatsApp, which boasts more than 1.5 billion users, says it discovered the vulnerability earlier this month while improving the app’s security.
According to the Financial Times, NSO Group, an Israeli spyware company known to work with governments, is responsible for the malware. The company’s exploits have repeatedly been linked to the hacks of journalists, human rights workers, dissident, and lawyers.
While WhatsApp did not name the NSO Group specifically, it did not deny the Financial Times’ reporting. Speaking with Ars Technica, a WhatsApp representative stated that “an advanced cyber actor” was behind the incident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said.
John Scott-Railton, a senior researcher with surveillance watchdog group Citizen Lab, says one of those targeted by the WhatsApp attack was a human rights lawyer based in the U.K. Scott-Railton also stated that the lawyer was representing, among other clients, a Saudi dissident in Canada currently suing NSO Group.
Perhaps most famously, NSO Group malware was used against journalist and Saudi government critic Jamal Khashoggi, who was killed and dismembered shortly after being lured into the Saudi Consulate in Istanbul last year.
Following news of the WhatsApp issue, Amnesty International, which had its employees targeted with NSO Group spyware last year, announced Monday that it would join a lawsuit against the Israeli company. The aim of the lawsuit is to have the Israeli government revoke NSO Group’s export license for selling its spyware to hostile regimes.
- Man accidentally swallows AirPod—and hears it working in his stomach
- Report: Apple limiting apps that help users control their screen time
- Teen hits Apple with $1 billion lawsuit over alleged face recognition arrest
H/T Financial Times
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.