If you're a WhatsApp user, this is what you need to know about the bug that allows hackers to spy on you.
A 0-day vulnerability recently discovered in the world's most popular messaging service, WhatsApp, has allowed hackers to spy on users. The spyware can read their encrypted conversations, turn on the microphone and camera and install spyware that allows greater surveillance of the device; such as accessing the contact list and viewing their photos and videos. To top things off the spyware can exploit the vulnerability of the person they have hacked, simply by placing a WhatsApp voice call to the user’s smartphone. .
The messaging application admitted to a flaw that allowed hackers to install spyware on some devices, both Android and iOs, allowing access to victims' sensitive data.
Security companies are urging WhatsApp users to update the messaging application immediately after this security hole that was allegedly exploited by Israeli hackers.
"We believe that a select number of users were attacked through this vulnerability by an advanced cyberactor," WhatsApp said of the attack, whose vulnerability has already been fixed.
The spyware, Pegasus, developed by Israel's OSN secret group, can be installed without leaving a trace and without the target taking the call, according to security researchers and confirmed by WhatsApp.
The vulnerability exists in the following versions of WhatsApp:
-WhatsApp for Android prior to v2.19.134
-WhatsApp Business for Android prior to v2.19.44
-WhatsApp for iOS prior to v2.19.51
-WhatsApp Business for iOS prior to v2.19.51
-WhatsApp for Windows Phone before v2.18.348
-WhatsApp for Tizen before v2.18.15
The OSN says it sells Pegasus to governments and law enforcement agencies to help combat terrorism and crime. However, in 2016, the NSO spyware was implicated in an attack on an UAE human rights activist named Ahmed Mansoor. In 2018, NSO spyware was aimed at prominent television journalist Carmen Aristegui and 11 others while investigating a scandal involving the Mexican president. Researchers say NSO's powerful spyware has been used by up to 45 countries to help persecute dissidents, journalists and other innocent civilians.
How do I know if my mobile has this spyware?
There is no infallible method, but we can perform certain checks to see if we have been affected:
1. Check the data usage of each app. If there is an application that has spent many megabytes more than usual, it could be an alert signal.
2. See if your device behaves strangely since that day.
If the battery discharges faster than normal or you notice your phone overheating frequently, it could be a sign that you have spyware on your phone.
3. Check all installed programs
Do you find any apps that you don't remember installing? Don't delay and delete it.
4. Back up frequently
As with our desktop, laptop or tablet, always try to back up all data. If something bad happens, you can restore your phone without losing anything.
How to Protect Yourself from WhatsApp Attacks
The best advice at this time is to make sure WhatsApp is always up to date. To do this, just go to the Apple app store or Google Play Store, search for WhatsApp and click Update. If there is no "Update" button, but we do see the "Open" button, it means that we already have the latest version of WhatsApp, and the application is already patched against such attacks.