Hackers exploited WhatsApp flaw to install spyware
San Francisco: A security flaw in WhatsApp, one of the most popular messaging apps in the world, allowed sophisticated attackers to install spyware on phones, the company said Tuesday, in the latest trouble for its parent Facebook.
The vulnerability -- first reported by the Financial Times, and fixed in the latest WhatsApp update -- allowed hackers to insert malicious software on phones by calling the target using the app, which is used by 1.5 billion people around the world.
The FT cited a spyware dealer as saying the tool was developed by a shadowy Israel-based firm called the NSO Group, which has been accused of helping governments from the Middle East to Mexico snoop on activists and journalists.
Security researchers said the malicious code bore similarities to other tech developed by the firm, according to The New York Times.
The latest exploit -- which impacts Android devices and Apple's iPhones, among others -- was discovered earlier this month and WhatsApp scrambled to fix it, rolling out an update in less than 10 days.
"WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices," a spokesperson said in a statement to AFP.
The firm did not comment on the number of users affected or who targeted them, and said it had reported the matter to US authorities.
The breach is the latest in a series of issues troubling WhatsApp's parent Facebook, which has faced intense criticism for allowing its users' data to be harvested by research companies and over its slow response to Russia using the platform as a means to spread disinformation during the 2016 US election campaign.
The WhatsApp spyware is sophisticated and "would be available to only advanced and highly motivated actors", the company said, adding that a "select number of users were targeted".
"This attack has all the hallmarks of a private company that works with a number of governments around the world" according to initial investigations, it added, but did not name the firm.
WhatsApp has briefed human rights organizations on the matter, but did not identify them.
The Citizen Lab, a research group at the University of Toronto, said in a tweet it believed an attacker tried to target a human rights lawyer as recently as Sunday using this flaw, but was blocked by WhatsApp.
The NSO Group came to prominence in 2016 when researchers accused it of helping spy on an activist in the United Arab Emirates. Its best-known product is Pegasus, a highly invasive tool that can reportedly switch on a target's phone camera and microphone, and access data on it.
The firm said Tuesday that it only licenses its software to governments for "fighting crime and terror".
The NSO Group "does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions", it said in a statement to AFP.
"We investigate any credible allegations of misuse and if necessary, we take action, including shutting down the system.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Arnab Goswami’s Homecoming? Anchor tears into Modi Government over aviation chaos
Says, govt not going to be happy with us saying this
New Delhi: In a striking turn that surprised even his regular viewers, Arnab Goswami spent the evening of December 4 taking direct aim at the central government over the ongoing crisis in the domestic aviation sector. The debate, aired on Republic, focused entirely on the severe disruption caused by IndiGo flight cancellations and the state of air travel in the country. The tone was sharp, emotional, and openly critical, raising the larger question of whether this marks a homecoming of sorts for the anchor long accused by critics of being soft on the government.
Goswami began the show by saying the central government had “completely let down” air passengers. He pointed to chaotic visuals from airports in Pune, Ahmedabad and Mumbai, describing passengers packed into crowded spaces, long queues, and travellers lying on the floor with little access to basic facilities. He said anyone travelling with children or elderly parents would understand the distress such situations cause.
According to him, the government often claims to have improved the aviation sector, but the day-to-day experience of passengers tells a different story. He argued that whatever help the government may have extended has benefited individuals and individual companies, not the sector as a whole.
Goswami highlighted data from the last three days, saying IndiGo had canceled 1,232 flights in November. He broke down the reasons for the cancellations: 755 linked to crew and FDTL constraints, 258 due to airspace and airport restrictions, 92 because of failures in air traffic control systems, 127 for other reasons.
He said passengers in India are often “taken for granted” and that only in this country can such large-scale cancellations take place without consequences.
Throughout the debate, Goswami repeatedly returned to the theme of duopoly. He said Air India and IndiGo together control 91.5 percent of the aviation market, leaving only a small share for others like Akasa and SpiceJet. This, he said, gives the two big players the power to decide prices and escape accountability.
“They can set the prices. They can torture passengers. They can be not answerable for air crashes.” He added.
Goswami also questioned why such a structure is allowed to exist if the government claims it opposes monopolies. He asked whether the government has made Air India accountable after the recent air crash, and said he did not believe so.
“We are told that the Modi government does not like monopolies. First of all, I don't agree with that. There are too many monopolies happening.” He said.
The anchor accused Air India of operating aircraft that were not airworthy and said no serious action followed. According to him, any other minister in charge of civil aviation would have been removed after such incidents, but nothing happened.
“He is not answerable. And why is the central government not bothered about it? Because he comes from the TDP, an alliance party. So let him do,” he said.
He added that Air India continues to seek government support, including compensation for losses after the Sindhur episode. Goswami questioned why public money should be used to support the airline, drawing a comparison with the earlier controversy involving Vijay Mallya seeking help from the Manmohan Singh government a move that was labelled as scam.
Goswami said passengers are suffering because of delayed flights, sudden cancellations, and lack of compensation. He criticised the DGCA, saying it was not enforcing safety and operational norms. He also questioned why the Prime Minister’s Office had not intervened.
He noted that Republic had carried multiple exposés on these issues and claimed that Air India chooses to give interviews and advertisements only to other channels.
He also called for Parliament to debate the aviation mess and examine whether monopolies or duopolies should be allowed in a nation of India’s size.
“I'm sure the government's not going to be happy with us saying this, but someone's got to speak up for the people of this country.” He added.
Known by his critics as the “Godi Media Chief”, Goswami’s direct attack on the Modi government over civil aviation raised eyebrows across media circles.
Whether this is a one-off outburst or a sign of a new editorial direction is something viewers will be watching closely.
#AviationCollapse | India’s aviation sector is in turmoil as IndiGo’s mass cancellations and Air India’s alleged safety lapses leave passengers stranded. The disruption raises serious questions about airline management, regulatory oversight, and who is ultimately responsible for… pic.twitter.com/Dqt6pcoW8w
— Republic (@republic) December 4, 2025
