WhatsApp users urged to update app immediately over spying fears
India’s Computer Emergency Response Team warns of 'high' severity of spyware threat
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.WhatsApp users are being urged to update to the latest version of the app due to fears that spy agencies are snooping on people through a major security vulnerability.
The issue relates to a malicious video that allows hackers to access people’s messages simply by sharing the MP4 file across WhatsApp. The Facebook-owned messaging app fixed the bug earlier this week – but anyone who has not downloaded the latest update remains vulnerable to the hack.
India’s Computer Emergency Response Team (CERT-In) posted an advisory outlining the “high” severity of the threat, warning that it “could be exploited by a remote attacker” at any time.
The security agency issued the advisory after the Indian government said it is empowered to “intercept, monitor or decrypt... any information generated, transmitted, received, or stored” on the phones or devices of its citizens.
On Tuesday, Minister of State for Home Affairs Kishan Reddy cited the Information Technology Act of 2000 when justifying the state’s surveillance policy.
Earlier this month, 19 activists, journalists and politicians in India revealed that their WhatsApp accounts had been targeted. They were among 1,400 people around the world to receive a message warning that their digital communications may have been compromised.
“In May we stopped an attack where an advanced cyber actor exploited our video calling to install malware on user devices,” the message stated. “There’s a possibility this phone number was impacted, and we want to make sure you know how to keep your mobile phone secure.”
WhatsApp claims that this warning was not related to the recent discovery of the malicious video file and claimed that there is no evidence that this particular flaw has been exploited by hackers.
The messaging app says that these users were instead targeted with spyware developed by controversial Israeli technology firm NSO Group.
“WhatsApp is constantly working to improve the security of our service,” a spokesperson told The Independent.
“We make public reports on potential issues we have fixed consistent with industry best practices. In this instance, there is no reason to believe that users were impacted.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments