Spring to Summer 2019
Community Strong Since 1941
Table of Contents
Visit Our Web Site
Rates
Contact Us
Share this email:Share on FacebookShare on TwitterForward To Friend
Return to All Articles
What’s Up with Whatsapp?
A cybersecurity breach in Facebook’s WhatsApp app last month left users vulnerable to spyware attacks via voice calls. An undetermined number of the 1.5 billion users of the popular messaging app may have had malicious spyware installed on their devices. 

Let’s take a closer look at the security breach and the steps you can take to protect yourself, both now and in the future. 

What happened? 

Security breaches are old news in the app world, but a breach of extremely high magnitude and reach is something new and fairly frightening. The fact that the breach hit WhatsApp is especially alarming. WhatsApp utilizes strong encryption for both voice and text messaging and is used as a communication platform for government and security officials around the world. 

Here’s how it went down: A government-grade intelligence collection tool was employed to target WhatsApp users via voice calls. The spyware has been endowed with the ability to seize control of the affected smartphones and to access any private information stored on the device. 

The spyware utilized in the attack was allegedly created by the NSO Group, an Israeli cyber surveillance company that has developed this advanced technology for the express purpose of allowing government agencies to infiltrate terrorist groups and to fight crime. Unfortunately, when the spyware fell into the wrong hands, it helped scammers pull off one of the greatest cybersecurity breaches of all time. 

The Financial Times reported that the WhatsApp breach was made possible because of a loophole in the app’s code that allowed hackers to transmit spyware onto smartphones by calling targets through the app. The malicious code could be injected into the device whether the user picked up the call or ignored it. 

According to WhatsApp, the cyber breach was first discovered in early May and had been used to target an undisclosed number of WhatsApp users. The Facebook-owned messaging company claimed it briefed human rights organizations about the breach and also asked U.S. law enforcement agencies to assist it in conducting an investigation. When WhatsApp had more definite information, it notified the public about the breach. 

Who was affected? 

It doesn’t matter what kind of phone you have; the security vulnerability affects both iPhone and Android devices. The good news is that not every version of WhatsApp was affected. To check whether the version you have on your phone was part of those impacted by the breach, check out Facebook’s official advisory confirming the vulnerability, which outlines which versions were affected. 

The messaging giant has not confirmed a specific number of targeted victims. Rather, it has only shared that a “select number of users were targeted through this vulnerability by an advanced cyber actor.”

What do I need to do now? 

Since the vulnerability that caused the breach lies in the makeup of the app and not in an unsafe or negligent practice in the hands of a user, there is no way you could have prevented your device from being affected. However, now that the facts are on the table, you can take the recommended steps to keep your device safe from this vulnerability. 

Since the breach was discovered, WhatsApp engineers have been working hard to close the app’s security vulnerability. The company has started installing a fix to servers and to private customers. It has also created an updated, safer version of the app that it has urged all users to employ on their devices as soon as possible. 

Here’s a quick guide for updating your WhatsApp. 

For iPhone usersOpen the App Store, choose updates, select WhatsApp and then click Update. 

For Android usersOpen the Play Store, click the three lines in the upper left-hand corner, choose My Apps & Games, select WhatsApp and then hit Update. 

If you haven’t yet updated your device, do it now. It only takes a few seconds of your time to make sure your WhatsApp is operating at its safest level. 

You never know when those scammers are going to hit next. Practice safe measures by always using the latest version of any application or operating system, keeping yourself in the know about recent security breaches and never sharing sensitive information online.

Stay safe!

The information contained in this email (the “Content”) is provided for informational and educational purposes only, without any express or implied warranty of any kind, including warranties of accuracy, completeness, or fitness for any particular purpose. The Content is not intended to be and does not constitute financial, investment, tax or accounting advice or a solicitation to buy or sell securities. The Content is necessarily general in nature and is not specific to you or anyone else.  YOU SHOULD CONSULT YOUR OWN INVESTMENT, TAX OR ACCOUNTING ADVISORS BEFORE IMPLEMENTING ANY ADVICE INCLUDED IN THE CONTENT. By viewing or utilizing the Content, you agree that you will not hold DocuMatix, Inc., DocuMatix Our Community Credit Union or their affiliates or agents responsible for loss or damages resulting from the Content.
Copyright 2020 Our Community Credit Union. All Rights Reserved. This email was sent to you by Our Community Credit Union located at 526 West Cedar, Shelton WA 98584.
 
If you no longer wish to receive emails from us please go here.
 
Security Key: