New figures reveal victims lost over £63m to investment fraud scams on social media
Figures released by the City of London Police show criminals continue to use popular social media apps to advertise investment scams and contact potential victims.
A vulnerability in the messaging app allowed it to be infected with spyware with a missed in-app call function.
Cyber attackers were able to install spyware on WhatsApp through its voice call function, even if the user didn't pick up the call. Often, the call would disappear from the device’s call log, so no visible trace was left.
Dozens of WhatsApp users including human rights organisations and a UK based lawyer may have been targeted in the attack which exploited a major vulnerability in the app in an attempt to take over the operating system.
The breach was discovered in early May and has since been fixed. Users are urged to update their app to the latest version.
But Citizen Lab at the University of Toronto has said an attacker attempted to exploit the app, and was blocked, as recently as Sunday evening.
The Financial Times reported the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.
Although the group has not been confirmed, WhatsApp said it did not refute any coverage related.
Top Tips:
Facebook is urging WhatsApp users to upgrade to the latest version of its messaging service
Android: Go to Play Store, then tap Menu > My apps & games. Tap UPDATE next to WhatsApp Messenger
iPhone: Go to App Store, then tap Updates. Tap UPDATE next to WhatsApp Messenger
https://news.sky.com/story/whatsapp-confirms-surveillance-attack-by-advanced-cyber-actor-11719463