WhatsHacked? WhatsApp compromised in cyber attack

By Justin Ware. Published at May 15, 2019, in Features

If you’re one of the 1.5 billion people that use WhatsApp, you may have a problem.

That’s the advice from the Facebook owned platform, which is in damage control after a serious weakness in the app was discovered.

Israeli cyber intelligence firm, NSO Group, is accused of being the mastermind behind spyware that can gain access to the ‘encrypted’ app without user permission.

NSO has denied this accusation.

Whoever is behind the attack, it's not fantastic for users.

The vulnerability allows hackers to discretely install spyware through an infected call on the app, which affects all devices and operating systems. The malicious program is capable of trawling through call and text/message history and can activate the device camera and microphone at will.

To make matters worse, such activity isn’t reflected in activity logs, meaning users have no idea if or when they have been compromised. However, if you haven’t received any mysterious WhatsApp voice calls from unknown parties, you are likely in the clear.

It’s yet another blow to the concept of privacy in today’s world. If the world’s most ‘secure’ social media platform is so easily exploited, where is our information safe?

The number of users affected is unknown, but several victims, including a high profile UK-based human rights lawyer, have been embroiled in the breach.

What should you do?

Facebook has deployed a server-side update to help protect users against the spyware, but users are strongly advised to manually check for updates via Google Play or the App Store.

Aside from checking for updates, users can take the following steps.

  • Disable backups

By now you’re likely familiar with end-to-end encryption – a proven form of secure communication that nullifies third parties from accessing data while it’s being transmitted between devices.

The catch however, is that if you opt to backup WhatsApp via Google drive or iCloud, you aren’t protected by end-to-end encryption.

Yes, that’s right, anyone with access to your cloud accounts can get hold of your entire WhatsApp activity log. It may be worth disabling cloud backups.

  • Enable 2FA

Another step users can take is enabling two-factor authentication (2FA). It may seem simple, but it’s another layer of protection to ensure people who attempt to gain access to your account are legitimate.

To toggle your security settings on WhatsApp, go to settings > account > privacy.

If all else fails, you can always delete the app from your device and wait it out.

View Our Investment Portfolios

S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.

Conflict of Interest Notice

S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.

Publishers Notice

The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.

Australian ASX Small Cap stocks | Why Finfeed.com is Australia’s leading small cap publication

Founded seven years ago, Finfeed.com is Australia’s leading and longest standing website for investor and finance news, education and expert opinion.

Published by StocksDigital, Finfeed was created to report daily on the comings and goings of ASX listed stocks in the small cap market.

As the first digital publication dedicated specifically to this space, Finfeed soon became the most trusted publication in the market, quickly garnering over two million page views – a number that continues to rise.

Finfeed.com provides its readers with informative articles that tackle the latest in market moving #ASX small cap news, plus exclusive content you won’t find anywhere else. It is aimed at those with an interest in investing, market education, company performance, start-ups and much more.

Finfeed.com is the only media organisation operating under the strength of a Financial Services License and is backed by leading journalists and analysts all with brands of their own.

The website aims to inform, educate and entertain with content that drills down into the heart of financial matters.

Finfeed is a leading source of investor and market information, with everything investors need to know about how to invest written in a way that anyone can understand. 

Over the years, the website has expanded beyond exclusively reporting on small caps, to profile Australia’s leading ASX listed small, mid and large caps as well as some of the country’s most successful CEOs and business leaders to find out what makes them tick.

Every day you will find fresh content covering:

Fast Facts

Over 4,000 articles published

Over 2.3 Million Page Views and counting

Over 10,000 followers on social media

Subscriber list growing by 2% monthly

Thanks for subscribing!