Information security audit specialists have reported the existence of a spyware developed by a hacking group for hire that has exploited vulnerability in WhatsApp, the most popular instant messaging service in the world, to remotely kidnap dozens of smartphones.
In a statement published by the company it is
only mentioned that the attackers are “a group of hackers working for
multiple governments to develop spying software”. Some information
security audit experts assure that the attack operators are NSO hackers, an
Israeli technology company.
According to reports, this malware could
compromise mobile devices through the missed call list in WhatsApp;
so far, Facebook, WhatsApp owning company, has only mentioned that “dozens”
of devices have been infected, so the exact scope of the security incident is
A Facebook spokesman stated that the incident
was detected during an additional maintenance day for the call function of
WhatsApp. “Our engineers discovered that the victims received one or two
calls from an unknown number, during this process, the attackers were sending
code to the victim”.
After detecting the incident WhatsApp began its
process of correction and updating, in addition to inform the corresponding
authorities to continue the investigation, reported the information security audit
On the other hand, the Israeli company NSO
affirmed through a statement that their technology and knowledge are used by
police and intelligence agencies in combating organized crime and terrorist
activities. “The NSO will investigate any allegations of misuse supported
by evidence and take the necessary measures if necessary,” concludes the
According to the experts from the International
Institute of Cyber Security (IICS) this spyware has been detected on multiple
occasions attacking journalists, political dissidents, social activists, etc.
Perhaps the most relevant case related to this malware is the murder of the
Saudi journalist Jamal Khashoggi in Istanbul.
The NGO Amnesty International also claimed that
one of its members was infected with this malicious software in 2018, so it
would try to convince the Israeli government to cancel its contracts with this