Thursday, March 28, 2024 | Ramadan 17, 1445 H
broken clouds
weather
OMAN
23°C / 23°C
EDITOR IN CHIEF- ABDULLAH BIN SALIM AL SHUEILI

WhatsApp tells users to upgrade after security breach

1219863
1219863
minus
plus

PARIS: Facebook’s WhatsApp urged users to upgrade to the latest version of its popular messaging app after reporting that users might be vulnerable to having malicious spyware installed on phones without their knowledge.


WhatsApp, one of the most popular messaging tools, is used by 1.5 billion people monthly and it has touted its high level of security and privacy, with messages on its platform being encrypted end to end.


“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a spokesman said.


“We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users,” he said. WhatsApp did not elaborate further.


WhatsApp informed its lead regulator in the European Union, Ireland’s Data Protection Commission (DPC), of a “serious security vulnerability” on its platform.


“The DPC understands that the vulnerability may have enabled a malicious actor to install unauthorised software and gain access to personal data on devices which have WhatsApp installed,” the regulator said.


“WhatsApp are still investigating as to whether any WhatsApp EU user data has been affected as a result of this incident,” the DPC said, adding that WhatsApp informed it of the incident late on Monday.


Earlier, the Financial Times (FT) reported that a vulnerability in WhatsApp allowed attackers to inject spyware on phones by ringing up targets using the app’s phone call function.


It said the spyware was developed by Israeli cyber surveillance company NSO Group and affects both Android and iPhones. The FT said WhatsApp could not yet give an estimate for how many phones were targeted.


The FT reported that teams of engineers had worked around the clock in San Francisco and London to close the vulnerability and it began rolling out a fix to its servers on Friday last week and issued a patch for customers on Monday.


Asked about the report, NSO said its technology is licensed to authorised government agencies “for the sole purpose of fighting crime and terror,” and that it does not operate the system itself while having a rigorous licensing and vetting process. — Reuters


SHARE ARTICLE
arrow up
home icon