Instant messaging application WhatsApp, owned by Facebook, has just recognized the vulnerability in its system allowed hackers to install spyware on some phones and access to the data contained in the devices.
The company confirmed in a statement that the information that they had previously published exclusively several hours earlier The Financial Times and he called on 1.5 billion users across the globe "update the application to the latest version" and keep its operating system updated as a "security measure".
WhatsApp, that It was bought by Facebook in 2014He pointed out that at that time he still can not say how many people were affected, but he assured that the victims were selected "in a specific way", so in principle it will not be a major attack.
On "spyware" or spyware which was installed in the phones "resembles" the technology developed by the cybersecurity company Israeli NGO Group, which led WhatsApp to put him as the main suspect behind the spyware program.
On vulnerability in the system, for which the company published a patch this Monday, was discovered just a few days ago and so far it is not known how long spying activities have been conducted.
On hackers made a call through WhatsApp on the phone whose data they wanted to access, and even if the recipient did not respond to the call, spyware software it was installed on the devices.
In many cases the call later disappeared from the device history, so that if he has not seen the call to enter at that time, the affected user will not be suspicious of anything.
WhatsApp said that as soon as he knew that the attacks had taken place, he warned human rights organizations (who were among the victims of spying), cyber security companies and the US Department of Justice.
That some of the organizations concerned are human rights defense platforms reinforce the inclusion hypothesis by the NSO Group, as its software was used in the past for attacks on this type of entity.
The NSO Group, which operates in a non-transparent way and for years, secretly designs spyware for its clients, including governments around the world, who use it to access mobile devices and receive information.
"Spy" had the ability to get infected to call Apple (iOS) or Google (Android).