WhatsApp reveals major security flaw that could let hackers access phones

Article Image

WhatsApp has revealed a vulnerability in its system that could have allowed hackers access to its users' phones, with a London-based human rights lawyer poss...

Posted: May 14, 2019 9:01 AM

WhatsApp has revealed a vulnerability in its system that could have allowed hackers access to its users' phones, with a London-based human rights lawyer possibly among the targets.

The encrypted messaging service, owned by Facebook, said Monday that it had discovered and fixed the vulnerability the attackers had sought to exploit. The hackers could implant malicious code on a victim's phone by placing a voice call to the victim on WhatsApp.

"The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems," a WhatsApp spokesperson said in a statement.

While WhatsApp did not name the private company, a source familiar with the investigation into the attack said that company is NSO Group, an Israeli cyber company that has developed a powerful piece of malware designed to spy on its victims.

In a statement provided to CNN on Monday, NSO said, "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies."

NSO said its technology was licensed to government agencies "for the sole purpose of fighting crime and terror," adding that those agencies determine how the technology is used without any involvement from the company.

The Financial Times first reported details of the vulnerability.

Human rights activists targeted?

Among those believed to have been targeted via WhatsApp is a London-based human rights lawyer.

On Sunday, the lawyer received two calls that John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab believes were part of the attack. Citizen Lab is an academic security research group that investigates digital threats to civil society groups and online freedom of expression.

The apparent attempt to breach the lawyer's phone was not successful, Scott-Railton said, as WhatsApp had patched the vulnerability by Sunday.

WhatsApp had reached out to Citizen Lab and a number of other groups that work with human rights defenders before publicly acknowledging the attack.

The collaboration between WhatsApp and Citizen Lab helped identify the attempted attack on the London-based lawyer. The lawyer does not want to be named, Scott-Railton told CNN.

Responding specifically to the apparent targeting of the lawyer, NSO Group said in a statement, "NSO would not or could not use its technology in its own right to target any person or organization, including this individual."

Amnesty International filed a petition at the district court of Tel Aviv on Tuesday demanding Israel withdraw NSO's export license, Amnesty's lawyer told CNN Business.

The group claims that NSO software "threatens the rights to privacy and to freedom of opinion and expression, in breach of Israel's obligations under international human rights law."

It said one of its researchers had been targeted via a WhatsApp message containing NSO's spying software in 2018 while working on a campaign to release six women's rights activists detained in Saudi Arabia.

How to update your WhatsApp

WhatsApp said while it has fixed the vulnerability the attackers were exploiting, it is also encouraging users to update to the latest version of the WhatsApp app "out of an abundance of caution." The company said it has also contacted US law enforcement.

Ireland's Data Protection Commission, which supervises Facebook's activities in Europe, said it had been informed of the vulnerability on Monday, adding it was unclear at this stage whether any EU user data had been affected.

Still, it too urged users to ensure the update WhatsApp on their devices.

Here's how:

On an iPhone

-- Open the App Store and select updates.

-- Select "WhatsApp" and Update.

On an Android device

-- Open the Play Store and tap on the 3 lines in the upper left corner.

-- Select "My apps & games" from the menu.

-- Select "WhatsApp" and select Update.

Indiana Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 33068

Reported Deaths: 2068
CountyConfirmedDeaths
Marion9524558
Lake3494175
Cass15897
Allen141966
St. Joseph122134
Hendricks114268
Hamilton113292
Elkhart110128
Johnson1092106
Madison58459
Porter50522
Bartholomew49034
Clark47941
LaPorte42022
Tippecanoe3823
Howard37824
Delaware37636
Jackson3721
Shelby36822
Hancock32727
Floyd31739
Boone30535
Morgan27724
Vanderburgh2592
Montgomery23417
White2308
Decatur22431
Clinton2221
Noble20421
Grant19721
Dubois1903
Harrison18921
Henry16910
Greene16824
Monroe16512
Warrick16528
Dearborn16521
Vigo1538
Lawrence15223
Miami1401
Putnam1357
Jennings1294
Orange12422
Scott1203
Ripley1106
Franklin1098
Kosciusko1011
Carroll933
Daviess8416
Steuben812
Marshall801
Newton7610
Wayne756
Fayette747
Wabash742
LaGrange682
Jasper661
Washington511
Jay490
Fulton471
Clay461
Rush452
Randolph453
Jefferson431
Pulaski410
Whitley383
Owen351
Sullivan341
DeKalb331
Brown331
Starke323
Perry280
Wells270
Benton260
Huntington262
Knox250
Tipton241
Crawford230
Blackford222
Parke190
Spencer191
Switzerland190
Fountain182
Posey160
Gibson142
Adams131
Ohio130
Warren121
Vermillion100
Martin90
Union80
Pike60
Unassigned0161
West Lafayette
Few Clouds
81° wxIcon
Hi: 79° Lo: 57°
Feels Like: 81°
Kokomo
Clear
73° wxIcon
Hi: 75° Lo: 54°
Feels Like: 73°
Rensselaer
Broken Clouds
77° wxIcon
Hi: 76° Lo: 52°
Feels Like: 78°
Fowler
Broken Clouds
77° wxIcon
Hi: 75° Lo: 54°
Feels Like: 78°
Williamsport
Scattered Clouds
80° wxIcon
Hi: 78° Lo: 55°
Feels Like: 80°
Crawfordsville
Scattered Clouds
75° wxIcon
Hi: 77° Lo: 55°
Feels Like: 75°
Frankfort
Scattered Clouds
77° wxIcon
Hi: 76° Lo: 54°
Feels Like: 78°
Delphi
Broken Clouds
75° wxIcon
Hi: 77° Lo: 54°
Feels Like: 75°
Monticello
Broken Clouds
75° wxIcon
Hi: 78° Lo: 53°
Feels Like: 75°
Logansport
Scattered Clouds
75° wxIcon
Hi: 75° Lo: 52°
Feels Like: 75°
Cooler, less humid weather ahead by the weekend.
WLFI Radar
WLFI Temps
WLFI Planner

COVID-19 Important links and resources

As the spread of COVID-19, or as it's more commonly known as the coronavirus continues, this page will serve as your one-stop for the resources you need to stay informed and to keep you and your family safe. CLICK HERE

Closings related to the prevention of the COVID-19 can be found on our Closings page.

Community Events