WhatsApp has pointed the finger at an Israeli firm after confirming that a sophisticated hacking group had developed a tool which could take control over victim's phones by sending them a call.

The company said the attacks carried the hallmarks of a private surveillance technology firm which reportedly works with governments to deliver spyware that takes over the mobile phone operating systems.

Although the company did not name the NSO Group, its statement matched the organisation which a number of human rights organisations have accused of working with repressive regimes to target dissidents.

Dozens of WhatsApp users, including human rights organisations and a UK-based lawyer, are thought to have been targeted after hackers exploited a major vulnerability in the app.

The attackers were able to install spyware through WhatsApp's voice call function, even if the user did not pick up the call, the company confirmed.


It has now urged users around the world to update the messaging app after it was targeted by a cyber surveillance attack.

The breach was discovered in early May and has since been fixed but WhatsApp, which claims to have more than 1.5 billion users, has urged people to update the app to the latest version.

The company said it was targeted by an "advanced cyber actor" and worked with Citizen Lab in Toronto to roll out a patch to fix the issue.

Engineers said that people who were targeted may have had one or two missed calls from a number they did not know.

But the targets did not have to answer the call in order for the code to be "shipped" and in some cases a missed call notification was wiped.

Image: WhatsApp has urged its 1.5 billion users to update their app

WhatsApp said the attack was discovered when it put additional security enhancements on their voice calls.

Meanwhile, Citizen Lab said an attacker attempted to exploit the app, and was blocked, as recently as Sunday evening.

"There's nothing a user could have done here, short of not having the app," a Citizen Lab researcher said.

The Financial Times reported the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.

:: Listen to the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker

However, NSO Group said in a statement: "Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies.

"NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual (the UK lawyer)."

WhatsApp has not confirmed who developed the spyware but has not disputed reports blaming the NSO Group.

The NSO Group's spyware has repeatedly been found deployed to hack journalists, lawyers, human rights defenders and dissidents.

Image: The NSO group, based in the building pictured, has denied involvement

The spyware was implicated in the killing of journalist Jamal Khashoggi last year.

Alleged targets, including a friend of Khashoggi and several Mexican civil society figures, are suing NSO in an Israeli court.

WhatsApp users should ensure their phone's operating system and their version of the app are both up to date for the latest security updates.

Danna Ingleton, deputy director of Amnesty International Tech, tweeted: "Just to reiterate, this means 'zero click' targeting is actually happening. Now, more than ever, we need some accountability from this company and better Due Diligence processes in the industry."

Amnesty is backing legal action against the Israeli Ministry of Defence and demands it revokes the Group's export licence.

Ms Ingleton added: "NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics."

A National Cyber Security Council (NCSC) spokesman said: "WhatsApp have today announced a vulnerability that could have allowed users' phones to be compromised.

"The company has reportedly said that a small number of accounts have been affected and has told its users to update their apps using standard updates from the app store as a precaution.

"The NCSC has published guidance for users and always recommends that people protect their device by installing updates as soon as they become available. The NCSC also recommends that people switch on automatic updates to install them as quickly as possible."

The National Crime Agency said it had not received a criminal report but is working with the NCSC to understand any UK implications.