WhatsApp says a vulnerability in the popular communications app let mobile phones be infected with sophisticated spyware with a missed in-app call alone. Repeated calls - even if not attended - over WhatsApp let the hackers install spyware on both iPhone and Android devices. The call log then could disappear removing all trace of the deception, the Financial Times reported.
The Facebook subsidiary says "an advanced cyber actor" infected an unknown number of people with the malware, which it says it discovered in early May.
Reportedly, WhatsApp was working on finding and fixing the issue as late as Sunday but no one is sure of exactly how many phones were targeted in the hack. A WhatsApp spokesman who would not be further identified said an amount in the dozens at least would not be inaccurate.
WhatsApp said the attack had all the hallmarks of a private company known to work with governments to infect phones.
According to 2019 stats released online by a marketing agency, the app has 1.5 billion active users across the globe, in over 180 countries. WhatsApp said it contacted human rights groups, quickly fixed the issue and pushed out a patch.
WhatsApp call feature is not enabled in the UAE as of now.