WhatsApp urges users to upgrade after discovering spyware vulnerability

Cheryl Sanders
May 15, 2019

The vulnerability leveraged a bug in WhatsApp's audio call feature, facilitating the installation of spyware on the device being called whether the call was answered or not. Its engineers found that affected users "might get one or two calls from a number that is not familiar to them".

When speaking to the Financial Times, NSO Group said that it vets its customers and investigates abuse, but it is also careful to not involve itself with the actual applications of its software. It has said that these calls usually disappear from the call logs.

"Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is exclusively operated by intelligence and law enforcement agencies", an NSO Group spokesperson said. Once installed, Pegasus has the ability to turn on the mic or camera on your device, as well as gain access to your photos, messages, location data, and emails.

"NSO would not, or could not, use its technology in its own right to target any person or organization", it continued, going on to refer to a specific case in which a human rights lawyer based in the United Kingdom was targeted by the exploit in question.


Several human rights lawyers and campaigners were targeted by the spyware, known as Pegasus.

The NSO Group released a statement on Tuesday claiming that its technology was created "for the sole purpose" of fighting crime and terror.

"Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is exclusively operated by intelligence and law enforcement agencies", NSO Group told the FT.

Responding specifically to the apparent targeting of the lawyer, NSO Group said in a statement, "NSO would not or could not use its technology in its own right to target any person or organization, including this individual". Following the Monday announcement, Amnesty International said it would join the effort to force Israel's defense ministry to suspend NSO's export license.


The human rights group Amnesty International claims that Israel's Ministry of Defense (MOD) has jeopardized human rights by allowing NSO Group to export its products overseas.

It is not immediately clear if the calling flaw could be exploited to shuttle in other malicious code or if it relied on factors introduced by NSO or their clients.

The Spyware would have been used in at least 45 countries around the world but according to WhatsApp, it would have been addressed to a limited number of users, mainly due to the complexity of the attack.


Other reports by iNewsToday

FOLLOW OUR NEWSPAPER