Major WhatsApp malware has been discovered which infected multiple users’ mobile phones through in-app missed calls from unknown numbers. The Facebook subsidiary has confirmed reports that exposed the malware.
The malware which was discovered to be created by an “advanced cyber” group – Israel’s NSO Group – was confirmed by the company. After the report on the WhatsApp malware was released, a spokesperson for the company (who was not authorised to be quoted by name) confirmed that “[WhatsApp] are certainly not refuting any of the coverage [about the malware] you’ve seen“. NSO said it is investigating the issue.
The WhatsApp spokesperson went on to confirm that the malware was able to infect WhatsApp users’ mobile phones through a mere missed called in the app. The spokesperson didn’t confirm how many WhatsApp users were affected by the malware. Amnesty International identified an attempt to hack into the phone of one of its researchers.
The company had already discovered this new WhatsApp malware earlier this month according to the spokesperson, and “immediately contacted Citizen Lab and human rights groups, quickly fixed the issue and pushed out a patch“.
The flaw was discovered while our team was putting some additional security enhancements to our voice calls” and that engineers found that people targeted for infection might get one or two calls from a number that is not familiar to them. In the process of calling, this code gets shipped.
What makes this malware attack stand out from previous WhatsApp bugs or attacks, is that there was nothing a user could do to prevent the attack. Once the in-app missed call was made to the targetted WhatsApp user, the code was installed on the user’s device. Luckily the malware was discovered and the patch to fix the issue is apparently working.