New Delhi: A Financial Times report has alleged that a notorious Israeli spy firm has developed a WhatsApp exploit that could inject malware into targeted phones — and steal data from them — simply by calling them. The targets didn’t need to pick up to be infected, and the calls often left no trace on the phone’s log. WhatsApp, which offers encrypted messaging by default to its 1.5 billion users worldwide, discovered the vulnerability in early May and released a patch for it on Monday.
It has now urged the users to update their app to protect against “potential targeted exploits.” It has also made changes to its infrastructure to deny the ability for this attack to take place, it added. WhatsApp — which is end-to-end encrypted — did not disclose the number of people that may have been affected by the vulnerability. India has the largest base of WhatsApp users globally with well over 200 million users.
The company said it has launched an investigation into the matter, and has also provided information to US law enforcement agencies to help them conduct an investigation. According to the Financial Times, an unnamed UK lawyer who was targeted is suing NSO Group in Israel on behalf a group of Mexican journalists and government critics and a Saudi dissident living in Canada.