The scariest thing about this spyware is that it can slip on any WhatsApp users' smartphone without giving any clue that their devices have been infected. It takes place merely by a WhatsApp call. Shocked?
Icing on the cake is if you are wondering that ignoring or not receiving the call would save you from its impact, then you are wrong. As there is no running away from this spyware. Now, the only way to safeguard the data on your smartphone is by updating WhatsApp on your smartphone to the latest version, the one that includes a patch to this security loophole.
Everything you need to know about WhatsApp's Spyware Attack:
What is the WhatsApp spyware attack?
Earlier this week, WhatsApp detected a bug on its platform which allowed malicious actors to hack into users smartphones and steal their complete data. It includes, call logs, messages, photos, contacts, emails, location and other important details. This bug can also be installed on both Android smartphones and iPhones just by placing a WhatsApp call on their smartphones.
Even if a user didn't get the WhatsApp call, the spyware would automatically install on his/her smartphone. Hence, giving hackers unlimited access to their data. Also, once installed, the spyware erases all call logs within WhatsApp giving users no means to confirm an attack.
Who is responsible for this spyware attack?
A report by the Financial Times said Israeli cyber security firm NSO used Pegasus, a program developed by the company which can turn on a phone's camera and microphone to surf through the phone's data might be behind the attack. The company had reportedly been targeting a UK-based lawyer who helped a group of Mexican journalist, government critics and a man of Saudi Arabian dissent living in Canada sue NSO.
The UK-based lawyer told The Guardian, "It is upsetting but not surprising. Someone has to be quite desperate to target a lawyer, and to use the technology that is the very subject of the lawsuit."
Though NSO, on the other hand, has refuted all claims saying that it cannot use its own technology to target an individual or an organisation. "NSO would not or could not use its technology in its own right to target any person or organisation, including this individual," said the cyber intelligence firm.