WhatsApp, a Facebook property, has issued a warning to users of its app and is asking users to upgrade to the latest version of the app. Reports surfaced this week that a company based in Israel has been able to successfully install malware that could listen in on phone calls made via WhatsApp. While WhatsApp confirmed the vulnerability, it didn't name the company that allegedly has the capability of listening in on conversations.
WhatsApp is calling for users of its app to update to the latest version of the app and to make sure that their mobile operating system is up to date to protect against targeted exploits designed to compromise information that is stored on the mobile devices. The warning would seem to indicate that the latest version of WhatsApp might have fixes in place to mitigate the risk of the malware, but that is unclear.
WhatsApp has been mum on what company is behind the targeted malware, but Business Insider reports that Israeli cybersecurity firm NSO Group is the company behind the malware. WhatsApp would only state that a private company conducted the attack and that company works with governments to deliver spyware.
WhatsApp has also stated that only a "select number" of users were targeted, but there is no indication of how many users were impacted. According to The Financial Times, human rights attorneys were the targets of the malware. WhatsApp has reportedly contacted the Justice Department about the malware.
Facebook rolled out end-to-end encryption for messages sent and received via the app a while ago and cross-platform encrypted messaging is also in the works for Messenger and Instagram.