WhatsApp Vulnerability Spies on Users
On Monday, May 13, 2019, the popular messaging app, WhatsApp, announced hackers had exploited a flaw in the app’s voice call feature, installing surveillance software on users’ smartphones (both iOS and Android), which may have impacted its 1.5 billion users worldwide. As of Tuesday, May 14th, the exact number of victims remains unknown.
The hack may mean that spyware technology, created by NSO Group, infiltrated WhatsApp. This compromise could include the ability to turn on a phone’s microphone and camera, spy through emails and messages, and collect location data, according to the New York Times. NSO offers its surveillance technology to authorized governments to fight terrorism and cybercrime.
WhatsApp is a Facebook-owned application.
Should I Be Worried?
The security vulnerability was patched over the weekend, before the news was announced. WhatsApp users are urged to update their app to the latest version, version 2.19.51. If you are not sure how to do this, you can follow instructions here.
It is unknown what information may have been compromised, but mobile vulnerabilities are a leading factor in data breaches. If cybercriminals accessed the Personally Identifiable Information (PII) of WhatsApp users, that data is at risk of being sold on the dark web or used to commit identity theft and fraud.
3 Tips to Protect Yourself
- Update your phone software and all mobile apps. Make sure you have the latest iOS or Android update installed. Having all applications up to date reduces the risk of a vulnerability infiltrating your device.
- Change your passwords. Update passwords for your accounts and refrain from storing passwords to your phone. If you have a hard time remembering your login credentials, use a password manager.
- Safeguard your device with Mobile Protection. Invest in a mobile program that alerts you of rogue applications, spyware, and unsecured Wi-Fi connections for added security.