WhatsApp reveals attack by ‘advanced cyber actor’

WhatsApp has suffered a “targeted” surveillance attack on its messaging service.

The messaging app, which is owned by Facebook and used by 1.5bn people worldwide, said the attack targeted a “select number” of users, and was carried out by “an advanced cyber actor”. It is an embarrassing development for the service’s owner, which has faced mounting criticism over privacy concerns.

According to reports, the attack was carried out by Israeli security firm NSO Group. Attackers were able to install surveillance software on to both iPhones and Android phones by ringing up targets using the app’s phone call function.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

The Guardian speculates on who might have been targeted, stating that the messaging app “uses end-to-end encryption, making it popular and secure for activists and dissidents”, while Sky News adds that the attack has “the hallmarks of a private company that works with governments to deliver spyware”.

Facebook previously announced plans “to merge WhatsApp, Facebook and Instagram's software architecture, raising the question as to whether an insecurity in one platform will lead to holes across all three products”, The Daily Telegraph says.

WhatsApp says its engineers had worked around the clock in San Francisco and London to respond to the vulnerability. The company says it began rolling out a fix to its servers on and issued a patch for customers yesterday. It urges all users to update their apps as an added precaution.

The NSO Group is an Israeli company that the BBC says is described as a “cyber arms dealer”. Its Pegasus software can collect intimate data from a target device, including capturing data through the microphone and camera, and gathering location data.

Human rights campaigners in the Middle East have previously received text messages over WhatsApp that contained links that would download Pegasus to their phones.

Amnesty International says it has been targeted by tools created by the NSO Group in the past and has long feared an escalation in this activity.

“They're able to infect your phone without you actually taking an action,” said Danna Ingleton, deputy programme director for Amnesty Tech. “There needs to be some accountability for this, it can't just continue to be a wild west, secretive industry.”

However, NSO said in a statement: “Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies. NSO would not or could not use its technology in its own right to target any person or organisation."