A flaw in the massively popular voice-over IP chat platform WhatsApp allowed a sophisticated group of hackers-for-hire to hijack dozens of phones remotely.
WhatsApp discovered the flaw in early May. Attackers used it to install surveillance software on both iPhone and Android devices by calling users through the app. The malware worked even if users didn’t answer the call, and effectively turned phones into pocket-sized surveillance devices by hijacking the camera.
The most recent breach occurred on May 12th, when a U.K.-based human rights lawyer received a call mere hours before WhatsApp pushed a patch for the flaw. The lawyer, who spoke anonymously for professional reasons, said it was one of many suspicious calls received over the past few months.
A WhatsApp spokesperson told the Associated Press (via CBC News) that the number of people affected is unknown, but it wouldn’t be inaccurate to say it’s in the dozens, at least.
The Financial Times noted that Israel’s NSO Group developed the malicious code used in the attack, and researchers from the University of Toronto’s Citizen Lab said they believed the spyware attack was linked to the same vulnerability WhatsApp was working to patch.
While NSO told the AP in a statement that its technology is used by law enforcement and intelligence agencies to fight crime and terror, it’s worth noting that the spyware has repeatedly been used to hack journalists, lawyers, human rights defenders and dissidents.
Most notably, the spyware was implicated in the killing of Saudi journalist Jamal Khashoggi. Khashoggi was dismembered in the Saudi Consulate in Istanbul last year, and his body was never found.
The attack on the lawyer is particularly disturbing, considering several alleged targets of the spyware are suing NSO in an Israeli court. Further, Amnesty International, which says one of its staffers was also a target of the spyware last year, plans to join a legal bid to force Israel’s Ministry of Defence to suspend NSO’s export licence.