image credit: Pixabay

WhatsApp flaw used to install spyware by simply calling the target

May 14, 2019

A security vulnerability in the popular Facebook-owned end-to-end encrypted messaging app WhatsApp allowed attackers to install spyware on smartphones without any user interaction, Financial Times has reported.

The exploitation of the flaw could be triggered by making a WhatsApp call to the target device and manipulating the data packets sent to it when the call is started.

Targets do not have to take the call in order for the exploit to work, and the attackers, once they gain access, can later even delete the call from the app’s call log, erasing all overt evidence of the attack.

Read More on Help Net Security