Some phones may have been infiltrated, installed with spyware due to flaw in messaging app
The Telecommunications Regulatory Authority (TRA) issues a notice to WhatsApp users in UAE following a discovery of a security breach in the messaging app
Dubai: The UAE Telecommunications Regulatory Authority (TRA) urged residents late Tuesday to update their WhatsApp right away as a precaution following reports that some phones may have been hacked.
The notice was issued after the Facebook-owned firm admitted that a security flaw in its messaging tool has enabled cyber attackers to infiltrate some devices, including Android and iPhones, and remotely install a spyware.
The malicious implant, first discovered earlier in May, was reportedly developed by an Israeli company whose flagship product called Pegasus can activate a phone’s microphone or camera, and access any information stored in the device with just one WhatsApp call.
“Due to detecting a vulnerability in WhatsApp mobile application in the beginning of May 2019, which put your smart device at risk of penetration, we advise you to update the application to its latest version,” the TRA said in a message posted on social media.
Users can benefit from the security fix by accessing the latest version of the app through the Google Play Store or Apple Store.
The messaging application is used by 1.5 billion worldwide. According to Financial Times, which first reported the security breach, attackers were able to install a surveillance software on people’s phones by ringing up the targeted devices using the app’s call function.
The programme could be deployed even if users did not answer the WhatsApp calls. It is not clear how many phones have been infected, but technical experts are believed to have plugged the loophole.
On Monday, WhatsApp rolled out the latest version of the app and users have since been told to update to it, to steer clear of any possible attacks.
Although WhatsApp calls don’t work in the UAE, the TRA advised users across the country to take the cyber security notice seriously.