WhatsApp breached by spyware

What happened?

WhatsApp, a messaging application used by over 1.5 billion people, has been the victim of a cybersecurity breach.

A loophole in the popular messaging app has allowed hackers to install spyware on smartphones through calling people using the app. The spyware could be transmitted onto the device whether or not the call has been answered.

The attack relied on buffer overflow, where if more code is injected into an app’s memory than it can handle, the extra data overflows into adjacent memory. Data is then overwritten and an attack vector is created.

What are the effects of the breach?

Whilst we know that most firms don’t use WhatsApp for business communications, we know that many of their team members will have the app installed on their phone.

The spyware gives the hacker the capability to view information and activity on the infected users’ phones. This is particularly risky for companies where people are working on their phones and accessing applications for work.

What do I do to secure my phone?

While the actual count of affected users has not been released yet, every one of the 1.5 billion users could be affected.

If you have WhatsApp installed on your device, you should take the following steps:

  • Ensure that you have the latest version of WhatsApp installed.
  • Ensure you have the latest version of Android or Apple IOS on your device.

Request A Free Cloud Security Consultation from Practice Protect

The fastest and easiest way to learn more about securing your practice is to call us on 1300 010 114 or click here to schedule your free Cloud Security Consultation.