- A vulnerability in Facebook’s WhatsApp messaging app made it possible for attackers to spread surveillance software to mobile devices through a phone call.
- While WhatsApp users cannot check whether their device was affected, there are certain red flags people can spot that may indicate a mobile device is being manipulated by a third party.
Unfortunately, there doesn’t appear to be a definitive way to check whether a device was affected by the surveillance software. However, there are certain signs people can look for that could help in discerning whether a mobile device is being manipulated by a third party without its owner’s knowledge.
“One is to try and keep a look at changes in your mobile device,” said Domingo Guerra, a mobile-security expert for the antivirus-software maker Symantec. “If battery usage seems to be completely different than just recently, or if the device is running hot, because maybe it’s sending and receiving a lot of data, there may be signs that the device is compromised.”
Updating WhatsApp to the latest version and keeping your mobile phone’s operating system up to date are critical first steps if you believe your device may be affected.
WhatsApp said it discovered the vulnerability this month and promptly fixed the issue. But the company has not said how many of the app’s 1.5 billion users are estimated to be affected.
When asked whether WhatsApp users can tell whether their device has been affected, a company representative responded:
“Given the limited information we collect, it is hard for us to say with certainty the impact to specific users. We will work with human rights organizations with expertise monitoring the work of private cyber actors. Out of an abundance of caution we are encouraging all users to update WhatsApp as well as keep their mobile OS up to date.”
According to the Financial Times, the malicious software was developed by NSO Group, a controversial security firm whose product, Pegasus, can activate a device’s camera and microphone and scrub through emails. The company markets its product to governments and intelligence agencies.
Because the type of malware used in this attack is usually very expensive and typically sold to governments and intelligence agencies, the average person doesn’t have much reason to be concerned, said Jay Rosenberg, a senior security researcher at the antivirus-software firm Kaspersky Labs.
“This is government-grade malware that costs millions of dollars,” he said. “Unless you’re the target of some government, then you really have nothing to worry about. Your average cybercriminal is not doing this.”
There’s no evidence to suggest that this was a large-scale attack, but NSO Group’s software has been encountered in past attempts to compromise devices belonging to activists. In 2016, for example, a prominent human-rights activist named Ahmed Mansoor received text messages with links that would have installed surveillance software from NSO Group on his phone, the watchdog organization Citizen Lab found.
Tools like Apple’s Screen Time can make it easier to keep track of the most frequently used apps on your phone, something Guerra said could be an important tactic for spotting potentially malicious behavior should your device be affected by an attack.
But a more reliable way to detect outside manipulation could be to look at which apps are eating up the most battery life and data. That’s because apps running in the background might not show up in tools like Screen Time, Guerra said. Keeping track of your regular data usage can be particularly critical, as a spike in data transfers can be a signal that something isn’t right.
Guerra suggested regularly checking metrics like data and battery usage so it’s easier to spot when something seems out of the ordinary, as well as uninstalling apps that you don’t regularly use, to limit the number of programs that could be collecting your data.
Regularly backing up your device is also important to make it as seamless as possible to switch to a new phone in the event that yours is compromised.
Our smartphones “could be the perfect spy tool,” Guerra said. “It’s got cameras front and back. It’s got microphones. It’s got GPS, so your location, your calendar … But that data is no good to anyone trying to spy on you if it stays on your device. So whatever the device is recording or collecting, it needs to be transmitted back to the attacker.”