Facebook’s WhatsApp, a popular messaging tool used by 1.5 billion people monthly, said on Tuesday a security breach on its app had signs of coming from a private company working on surveillance and it had referred the incident to the U.S. Department of Justice.
WhatsApp touts its high level of security and privacy with messages on its platform being encrypted end to end so that WhatsApp and third parties cannot read or listen to them.
Earlier, the Financial Times reported that a vulnerability in WhatsApp allowed attackers to inject spyware on phones by ringing up targets using the app’s phone call function.
It said the spyware was developed by Israeli cyber surveillance company NSO Group — best known for its mobile surveillance tools — and affects both Android and iPhones. The FT said WhatsApp could not yet give an estimate of how many phones were targeted.
Amnesty International Israel said if the reports of the attack were true, it exemplified its claim to an Israeli court that the Israeli Ministry of Defence should revoke the export license of the NSO Group.