This week, WhatsApp announced that an unknown number of its users were the subject of an attack which installed spyware on user devices without their knowledge.
By exploiting a vulnerability in the app, hackers were able to gain access to user call logs, texts, cameras, microphones, and other data.
The spyware – a product of Israeli spy firm, the NSO Group – was activated by placing a voice call to targets. The targets didn’t need to pick up, there was no record of the call, and in some instances, the targets didn’t even receive a physical call at all.
Though convenient, intuitive, and incredibly popular – WhatsApp’s user base has exploded to reach 1.5 billion monthly – free chat apps are increasingly vulnerable. This attack, for example, even managed to bypass WhatsApp’s end-to-end encryption.
Naturally, this latest breach raises a number of important questions such as:
Here’s what you need to know and the steps you should take.
Most likely – no.
According to WhatsApp, the attack only infected a small number of users.
That said, the vulnerability existed across all devices and operating systems and includes the following versions:
WhatsApp has already released an update for iOS and Android devices. If you’re a WhatsApp user, you’ll want to update your application immediately.
If you’re using an iPhone or iOS device:
On Android devices:
Importantly, to better protect yourself in the future, consider turning on automatic updates, or update your applications and operating systems each time an update is available.
First of all, you shouldn’t rush to ditch your favorite chat apps.
Ultimately, any piece of technology, and especially smartphones and messaging applications, is vulnerable to attack. As technology evolves at breakneck pace, so too do the tricks and tools which hackers and thieves employ to exploit potential vulnerabilities.
You should, however, consider your communication habits.
Carefully considering these questions helps you examine whether chat applications like WhatsApp, or any other free, consumer-grade chat apps, are suitable for your communication needs.
Generally, free, consumer-grade chat apps aren’t a platform for enterprise-grade communication.
The unfortunate truth is that no messaging application in 2019 is 100 percent safe from malicious outside attacks.
The reality, however, is that your odds of being targeted over a private, self-hosted team network offering peer-to-peer channels, end-to-end encryption, and anti-virus and malware integration, are less likely.
By carefully considering both your communication habits and tools, you can begin to better safeguard yourself and your communication.