Facebook’s WhatsApp messenger on Tuesday urged users to update the application to the latest version after reporting a spyware-related vulnerability that could be installed on phones without users knowledge.
WhatsApp encourages users to update the application to the latest version, as well as to keep mobile operating systems up to date in order to protect against potential attacks aimed at stealing information stored on mobile devices.
The Financial Times newspaper reported earlier that the WhatsApp vulnerability allowed attackers to inject spyware into their phones using the in-app call feature. According to the publication, spyware was developed by the Israeli cyber surveillance company NSO Group.
The malicious code, developed by the secretive Israeli company, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs, said the spyware dealer, who was recently briefed on the WhatsApp hack.
Researchers at the University of Toronto’s Citizen Lab said they believed that the spyware attack on Sunday was linked to the same vulnerability that WhatsApp was trying to patch.
Responding to a question about the Financial Times article, the NSO Group reported that its technology is licensed for use by authorized government agencies “for the sole purpose of fighting crime and terrorism,” and that it does not control the system itself.