WhatsApp users are being urged to update their apps right away due to a vulnerability that allows an attacker to install spyware just by calling a target. They don’t even have to pick up for the malicious code to be transferred. The calls may not even show up on logs.
A UK-based human rights lawyer may have been the first attempted target of the spyware, which was developed by commercial Israeli company NSO Group. Their flagship product, Pegasus, can “turn on a phone’s microphone and camera, trawl through emails and messages and collect location data.”
Some allege NSO is behind the attacks, but they have claimed otherwise. “Under no circumstances would NSO be involved in the operating or identifying of targets of its technology.”