author photo
By Bruce Sussman
Tue | May 14, 2019 | 12:28 PM PDT

WhatsApp customers typically want its end-to-end encryption. 

Their communication is safe from prying eyes, right?

Actually, it could be just the opposite.

WhatsApp vulnerability 

Facebook announced a vulnerability in its WhatsApp service which could allow hackers a way to access your entire phone to spy on everything you do with it, without requiring you to do anything.

WhatsApp told MarketWatch:

“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems."

The spokeperson could be talking about the Pegasus Software developed by the Israel based NSO Group. The Financial Times alleged that the software used was developed by that company.

If so, this is the same technology that Citizen Lab says has been used against targets around the world. It claims that NSO-created spyware has been used to target and even kill people.

This is the kind of spyware that likely does not require user interaction to be activated. Learn more in the 60 Minutes interview on the technology designed to unlock any smartphone.

NSO-group-on-60-minutes

This type of hacking software and tech that can unlock phones is in high demand, especially by governments around the world.

Just this week, we learned that U.S. ICE leaders have spent more than $1 million on iPhone unlocking technologies in the last year.

Which versions of WhatsApp need updating?

The Facebook alert says these versions need to be updated immediately:

  • WhatsApp for iOS prior to v2.19.51
  • WhatsApp for Tizen prior to v2.18.15
  • WhatsApp for Android prior to v2.19.134
  • WhatsApp Business for iOS prior to v2.19.51
  • WhatsApp Business for Android prior to v2.19.44
  • WhatsApp for Windows Phone prior to v2.18.348

Here is the Facebook security advisory on WhatsApp.

Comments