A flaw in WhatsApp allowed hackers to install spyware and remotely control users’ smartphones
Upgrade WhatsApp. Immediately. Otherwise, your personal data could be in danger. Launching the alarm is not a group of activists or researchers specializing in computer security, but the Financial Times that discovered a flaw on WhatsApp (Android and iOS) that allowed hackers to install spyware on users’ smartphones by making a simple call. Spyware is a particular type of virus that can activate the microphone and camera of the cell phone remotely and spy on every single activity carried out by the person. It is malware used mostly in international espionage actions.
The vulnerability was discovered in early May and WhatsApp engineers immediately released an update to fix the flaw. It’s still unclear how many users are involved in this scandal, but WhatsApp has assured that they are “well-chosen” users. In fact, the spyware in question is called Pegasus and is developed by Israeli cybersecurity firm NSO Group, which in recent years has sold software to governments and law enforcement agencies to fight terrorism and crime.
WhatsApp, your data is in danger
In order to install the spyware on users’ smartphones, hackers exploited a flaw in WhatsApp’s calls feature. The hackers didn’t even need the person to answer, but only needed to initiate the phone call to infect the device. Once inside the smartphone, the Pegasus spyware remotely activated the phone’s microphone and camera and began its spy work. But that’s not all. It was also able to record calls, track movements via GPS and scan emails and messages received. All the collected data was sent to the spyware’s servers.
WhatsApp wanted to reassure its users and released an official statement to the Financial Times assuring that it has already alerted the security forces in order to figure out who are the people involved in the hack. Unfortunately, for the moment we do not know the users affected by the Pegasus spyware, but they should not be many. Come detto, infatti, l’azienda NSO Group lavora al fianco di governi e forze dell’ordine e utilizza i propri software per prevenire attacchi di terrorismo.
Come difendere lo smartphone dallo spyware Pegasus
I tecnici di WhatsApp hanno rapidamente risolto il bug presente nelle chiamate vocali e rilasciato una nuova versione. Per difendersi dall’attacco dello spyware Pegasus bisogna aggiornare WhatsApp all’ultima versione disponibile:
- WhatsApp per Android v2.19.134,
- WhatsApp Business per Android v2.19.44,
- WhatsApp per iOS v2.19.51,
- WhatsApp Business per iOS v2.19.51,
- WhatsApp per Windows Phone v2.18.348,
- WhatsApp per Tizen v2.18.15
Che cosa è lo spyware e come difendersi
Lo spyware è uno dei tanti virus informatici da cui gli utenti devono difendersi. Rispetto ai classici malware è molto più difficile da scovare ed è in grado di entrare in profondità nel vostro dispositivo. As you can guess from the name, in fact, the purpose of spyware is to spy on users and collect any data on their device: images, videos, documents. But that’s not all. The spyware can remotely activate the microphone and the camera of the smartphone and make it become a real micro-spy.
Antivirus is not enough to defend yourself from a spyware, but you should always keep your device updated: operating system and applications. Also, watch out for email attachments that you consider suspicious, they might be hiding spyware.