- The atonement of an alt-right troll 1 Week Ago
- #StopTheBans protests draw thousands across the country in support of abortion rights 1 Week Ago
- North Korea is using Trump’s low IQ attack on Joe Biden Today 9:14 AM
- How to watch ‘Kidding’ for free Today 8:00 AM
- What’s the deal with Bran Stark at the end of ‘Game of Thrones’? Today 6:30 AM
- How to watch TruTV online for free Today 6:00 AM
- Fans call out Madonna for edited Eurovision video Tuesday 9:36 PM
- Partnered Twitch streamer temporarily banned for airing troll’s racist message Tuesday 8:45 PM
- Reddit theory says fans are wrong about who won ‘Game of Thrones’ Tuesday 6:52 PM
- Elon Musk hires ‘absolute unit’ sheep meme creator to be Tesla’s social media manager Tuesday 6:12 PM
- Jason Momoa stands by his Khaleesi after the ‘Game of Thrones’ finale Tuesday 4:05 PM
- Airbnb, 23andMe partner for creepy heritage travel recommendations Tuesday 3:26 PM
- Rep. Katie Porter goes viral again for trouncing Ben Carson (updated) Tuesday 3:26 PM
- This deepfake takes Bill Hader’s Schwarzenegger impression to the next level Tuesday 2:58 PM
- Wanda Sykes rails against Trump and offers much-needed perspective in ‘Not Normal’ Tuesday 2:41 PM
Christoph Scholz/Flickr (CC-BY-SA)
A severe vulnerability in the popular messaging platform WhatsApp allowed hackers to remotely compromise phones just by calling them.
The issue, first reported by the Financial Times, allowed hackers to take over both iPhone and Android devices and install powerful malware even if the target did not answer the call.
Once installed, the malware could do everything from collect private messages to activate the phone’s microphone and camera.
WhatsApp, which boasts more than 1.5 billion users, says it discovered the vulnerability earlier this month while improving the app’s security.
According to the Financial Times, NSO Group, an Israeli spyware company known to work with governments, is responsible for the malware. The company’s exploits have repeatedly been linked to the hacks of journalists, human rights workers, dissident, and lawyers.
While WhatsApp did not name the NSO Group specifically, it did not deny the Financial Times’ reporting. Speaking with Ars Technica, a WhatsApp representative stated that “an advanced cyber actor” was behind the incident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said.
John Scott-Railton, a senior researcher with surveillance watchdog group Citizen Lab, says one of those targeted by the WhatsApp attack was a human rights lawyer based in the U.K. Scott-Railton also stated that the lawyer was representing, among other clients, a Saudi dissident in Canada currently suing NSO Group.
Perhaps most famously, NSO Group malware was used against journalist and Saudi government critic Jamal Khashoggi, who was killed and dismembered shortly after being lured into the Saudi Consulate in Istanbul last year.
Following news of the WhatsApp issue, Amnesty International, which had its employees targeted with NSO Group spyware last year, announced Monday that it would join a lawsuit against the Israeli company. The aim of the lawsuit is to have the Israeli government revoke NSO Group’s export license for selling its spyware to hostile regimes.
- Man accidentally swallows AirPod—and hears it working in his stomach
- Report: Apple limiting apps that help users control their screen time
- Teen hits Apple with $1 billion lawsuit over alleged face recognition arrest
H/T Financial Times
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.