Skip to main content

WhatsApp discloses vulnerability that allowed Israeli spyware to be installed on iPhones

A report from The Financial Times this afternoon details a vulnerability in WhatsApp that allowed attackers to inject Israeli spyware onto phones. The malicious code was developed by Israeli company NSO Group and transmitted by calling users via WhatsApp on iOS and Android.

The malicious code could be transmitted even if a user did not answer the WhatsApp call, the report explains. In many cases, the call would disappear from call logs, so it’s possible that users could have been targeted and not even realize it.

Many details about the vulnerability remain unclear, but the report suggests that the loophole was open for several weeks. In a statement, WhatsApp said:

“This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company said. “We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.”

According to the report, WhatsApp is too early into its own investigations of the attack to “estimate how many phones were targeted.” WhatsApp is used by over 1.5 billion worldwide and is owned by Facebook.

WhatsApp reportedly disclosed the issue to the United States Department of Justice last week, and started deploying a fix to its servers on Friday. Engineers worked through Sunday before deploying a patch for customers today, the report says.

NSO Group develops tools such as Pegasus and markets them to governments around the world as a way to fight terrorism and crime. In a statement to The Financial Times, it said that it “would, or could not, use its technology in its own right to target any person or organization.”

You can read the full report from The Financial Times here.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Subscribe to 9to5Mac on YouTube for more Apple news:

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications