If you’re using WhatsApp on either an iPhone or an Android device like a Samsung or Huawei phone, you should update it now.
That’s the official advice from Facebook, which owns WhatsApp, after a security flaw was discovered that affects everyone.
All of WhatsApp’s 1.5 billion users are affected by a vulnerability that was believed to be created by an Israeli cybersecurity and intelligence company called NSO Group.
WhatsApp said: ‘We believe a select number of users were targeted through this vulnerability by an advanced cyber actor.
‘This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.’
How does the spyware work?
The spyware is spread through the app by its voice call feature. Even if the voice call is not picked up, the spyware can be transmitted through to the recipient.
It attacks through what is known as a ‘buffer overflow’ technique, whereby there is more data sent than the buffer (an allocated amount of memory) can handle in one go. The data overflows to an adjacent storage location on the device and, once there, malicious code can trigger an action.
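The overflow described above, as an added example that is not part of the original article and is not WhatsApp's code: a flawed copy that trusts the sender's length field, beside a hardened version that rejects oversized input. The packet layout (one length byte followed by the payload), the sizes and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_SIZE 16 /* bytes reserved for the payload (constructed value) */
#define ADJ_SIZE 4  /* the "adjacent storage location" right after it */

/* Buffer and its neighbour modelled as one array so the demo stays defined C. */
struct region { uint8_t mem[BUF_SIZE + ADJ_SIZE]; };

/* Hypothetical packet layout: byte 0 = declared payload length, then payload. */

/* Flawed pattern: the sender's length field is never compared with BUF_SIZE.
 * (The clamp to the whole region exists only to keep this demo in bounds.) */
size_t copy_unchecked(struct region *r, const uint8_t *pkt, size_t pkt_len) {
    if (pkt_len < 1) return 0;
    size_t n = pkt[0];
    if (n > pkt_len - 1) n = pkt_len - 1;
    if (n > sizeof r->mem) n = sizeof r->mem;
    memcpy(r->mem, pkt + 1, n);
    return n;
}

/* Hardened form: reject anything that lies about its size or does not fit. */
int copy_checked(struct region *r, const uint8_t *pkt, size_t pkt_len) {
    if (pkt_len < 1) return -1;
    size_t n = pkt[0];
    if (n > pkt_len - 1) return -1; /* claims more bytes than were sent */
    if (n > BUF_SIZE) return -1;    /* would spill into adjacent storage */
    memcpy(r->mem, pkt + 1, n);
    return 0;
}

/* Count adjacent bytes that no longer hold their initial value of zero. */
size_t adjacent_bytes_changed(const struct region *r) {
    size_t changed = 0;
    for (size_t i = BUF_SIZE; i < sizeof r->mem; i++)
        if (r->mem[i] != 0) changed++;
    return changed;
}

/* Constructed oversized packet: declares and carries 20 payload bytes of 0x41. */
size_t make_oversized(uint8_t *pkt) {
    pkt[0] = BUF_SIZE + ADJ_SIZE;
    memset(pkt + 1, 0x41, BUF_SIZE + ADJ_SIZE);
    return 1 + BUF_SIZE + ADJ_SIZE;
}
```

With the constructed 20-byte payload, the unchecked copy changes all four adjacent bytes, while the checked copy rejects the packet and leaves them untouched.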
When the spyware is successfully loaded onto the target phone, it can often remove any evidence of the call being placed in order to hide its tracks. From there, it has access to the internal records of the app which may contain anything sensitive you’ve put in a message. Although WhatsApp encrypts all its messages, that only covers the transit – once the message or picture is received on your device it’s decrypted so you can access it.
What is WhatsApp doing about it?
The company put out a software update immediately that, it says, patches the problem. It wants all its users to update the app to the most recent version so they are protected.
The firm is said to have alerted officials at the US Department of Justice after discovering the vulnerability in early May.
‘We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society,’ WhatsApp said.
How do I update my version of the app?
If you’re using an iPhone, you’ll need to go to the App Store icon on your homepage and then tap the ‘Updates’ option at the bottom of the screen.
You’ll be shown a list of ‘Pending’ updates and all you need to do is hit the Update button next to WhatsApp. Alternatively, you have the option to ‘Update All’ at the top.
If you use a device running Android, which could be made by any number of different manufacturers, the process is very similar. Go to the Google Play Store on the phone and tap on the menu on the left-hand side. Select ‘My Apps and Games’ and, just like with iOS, you’ll see a list of the apps you have installed.
WhatsApp should appear there with an ‘Update’ label next to it. Tap on the Update option and it’ll download and install automatically.
Have I been hacked?
It’s too early to know the exact numbers of people that may have been affected by this spyware.
The vulnerability and suspected attacks have been investigated by Citizen Lab, a research group at the University of Toronto. ‘We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer,’ the lab said.
On Monday, Amnesty International said it was backing legal action against the Israeli Ministry of Defence demanding that it revokes NSO Group’s export licence.
Danna Ingleton, deputy director of Amnesty Tech, said: ‘NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics.’