WhatsApp is encouraging users to update to the latest version of the app after discovering a vulnerability that allowed spyware to be injected into a user’s phone through the app’s phone call function.
The spyware was developed by the Israeli cyber intelligence company NSO Group, according to the Financial Times, which first reported the vulnerability.
Attackers could transmit the malicious code to a target’s device by calling the user and infecting the call whether or not the recipient answered the call. Logs of the incoming calls were often erased, according to the report.
WhatsApp said that the vulnerability was discovered this month, and that the company quickly addressed the problem within its own infrastructure. An update to the app was published Monday, and the company is encouraging users to upgrade out of an abundance of caution.