EVERYONE'S FAVOURITE DUMPSTER FIRE Facebook's 'data breach of the week' goes to subsidiary WhatsApp, after it emerged that the company has inadvertently allowed hackers to install surveillance software on user's devices.
The company says that the attack, which was first spotted earlier this month, affected a "select" group of and is the result of action from "an advanced cyber actor" (Max Headroom?).
The attackers were able to install spyware through WhatsApp's voice call function, even if the user did not pick up the call.
There's a very good chance that this was a State sanctioned hack, though which state isn't clear. However, the FT reports that the spyware was developed by Israel's NSO Group, whose Pegasus malware was previously used to target Amnesty International.
People in the public eye - lawyers, activists, and anyone with a track record of speaking out on human rights - are the most likely targets, along with journalists.
As such, the INQ team have locked their phones in a Faraday Cage until all this blows over, as is clearly the rational course of action, though we suspect a band of grubby tech-hacks was not what the perpetrators had in mind.
"This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems," WhatsApp said in a statement to the FT.
"We have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society."
The revelation is particularly embarrassing for WhatsApp, which has built its entire business model on safe, secure, end-to-end encrypted messaging.
The idea that someone could hack their way into viewing all those supposedly secure messages with what seems like relative ease is a big kick in the teeth, not just for users, but for the entire business model.
Facebook is currently working on bringing together the messaging platforms of Facebook (Messenger), Instagram and WhatsApp, to give them all a commonality, cross-chat functionality and most importantly, end-to-end encryption. Early indications are that this will happen at the end of this year or the beginning of next.
It's quite plausible that this project allowed Facebook to spot the hack in the first place.
Facebook Towers has confirmed that a patch was rolled out last Friday before the press even got hold of the story. Still didn't contain it though, did it? Silly, silly Facebook.
The advice is simple - check your app store, if you have an update for WhatsApp waiting, for goodness sakes, install that bad boy. Like, now. μ
Now you can watch documentaries about horribly disfigured people whenever you like
Brad to the bone
Being in a minority of one doesn't make you right
WeWork needs a rework