A recently discovered security vulnerability on WhatsApp, currently used by over 1.5 billion people worldwide, has been found to have been exploited by NSO Group developed spyware. Unlike previous exploits engineered by NSO, the WhatsApp exploit does not require target interaction with the malicious code in order for the device to be compromised. 

Citizen Lab researchers first discovered this exploit upon receiving information from a human rights lawyer indicating that they were contacted at odd hours from an unknown Swedish number. The lawyer, speaking under the condition of anonymity, is helping individuals abusively targeted by NSO group spyware, in their legal challenge against NSO. 

WhatsApp has since rolled out a security update to address the vulnerability. Despite still being in the early stages of its investigation, a WhatsApp spokesperson did not deny that the number of users targeted with this spyware “could range in the dozens.”

NSO Group’s government-exclusive spyware has a track record of being used to maliciously target human rights defenders, journalists and lawyers—many in these communities now worry that they too have been targeted in similar attacks. End-to-end encryption, as implemented on WhatsApp, is used by persecuted communities and individuals around the world to communicate securely; NSO Group’s latest spyware seeks to actively undermine this, targeting vulnerabilities in WhatsApp design, in an attempt to access encrypted information