WhatsApp on Monday urged all of its 1.5 billion users to update their apps as an added precaution against hackers who remotely install surveillance software on phones and other devices.
According to reports, the hackers were able to operate using a major vulnerability in the messaging app.
WhatsApp, which is owned by Facebook, said the attack targeted a “select number” of users, and was orchestrated by “an advanced cyber actor”.
A fix was rolled out on Friday.
The attack was developed by Israeli security firm NSO Group, according to a report in the Financial Times.
The attack was first discovered earlier this month, according to the BBC.
READ: N450m Fraud: EFCC presents more witnesses against Bulama, four others
It involved attackers using WhatsApp’s voice calling function to ring a target’s device. Even if the call was not picked up, the surveillance software would be installed, and, the FT reported, the call would often disappear from the device’s call log.
WhatsApp told the BBC its security team was the first to identify the flaw, and shared that information with human rights groups, selected security vendors and the US Department of Justice earlier this month.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” the company said on Monday in a briefing document note for journalists.
The firm also published an advisory to security specialists, in which it described the flaw as: “A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.”
![Rev. Fr. Anthony Odiong, a US-based Nigerian Louisiana Catholic priest, was arrested in Florida on Tuesday for possessing child pornography, according to law authorities. The suspect is reportedly accused of many other cases of sexual assault. The Waco, Texas, Police Department announced in a Facebook post on Tuesday that officers detained Father Anthony Odiong in Ave Maria, Florida, with assistance from the United States Marshals Service. Waco police announced in March that they had received "credible information" about a sexual assault allegedly committed by Odiong in Texas in 2012. “During the subsequent investigation, a case of possession of child pornography was uncovered,” the police said. The priest was apprehended in Florida by the Caribbean Regional Fugitive Task Force. The Waco Police Department said that he will be extradited to Texas. Odiong had previously served in the Archdiocese of New Orleans before being removed as priest in December of last year due to controversy over homilies in which he claimed, among other things, that the Catholic Church was being taken over by "the gays." At the time, the priest was also accused of abusive behaviour; a Louisiana lady claimed in U.S. bankruptcy court that Odiong had committed both financial and sexual abuse against her. Prior to joining the New Orleans Archdiocese, Odiong served in at least two Texas parishes. On Tuesday, Waco police stated that during their sexual assault investigation, "the presence of other survivors was revealed." “Multiple women have come forward to tell similar experiences as the sexual assault survivor who reported the initial allegation,” the police department said. “Survivors’ experiences ranged from sexual assault and indecent assault, more commonly recognised as groping, and financial abuse, with some survivors experiencing every element of Anthony Odiong’s manipulation.” The police said they “believe there may be more survivors, and we wish to speak with anyone who [has] had similar encounters” with the priest. The Archdiocese of New Orleans issued a brief news release on Tuesday noting Odiong's arrest in Florida. The archdiocese “encourages anyone with any information to contact law enforcement,” the release said.](https://chronicle.ng/wp-content/uploads/2024/08/ezgif-6-4730550ede-450x300.jpg "Odiong: US-based Nigerian Catholic priest convicted over sexual assault")