WhatsApp Hacking Campaign Targets Fewer Than 200 People

by Anika Shah - Technology
0 comments

WhatsApp Zero-Day Exploit Targeted Users with Advanced Spyware

Table of Contents

Primary Topic: Cybersecurity vulnerability in WhatsApp and its exploitation for targeted surveillance.
Primary Keyword: WhatsApp Spyware
Secondary Keywords: zero-day exploit, cyberespionage, mobile security, apple security, Android security, NSO Group, Pegasus, Meta security, data breach, privacy concerns.


WhatsApp has disclosed a meaningful cybersecurity vulnerability that was exploited by attackers to install advanced spyware on a limited number of devices. The vulnerability, a zero-day exploit, leveraged flaws in both WhatsApp’s request and Apple’s operating system to gain unauthorized access to user data. While the immediate threat has been patched, the incident highlights the ongoing risks of sophisticated cyberattacks targeting messaging platforms and the critical need for robust mobile security.

What Happened?

In late August 2025, WhatsApp announced it discovered and swiftly addressed a critical security flaw. This flaw allowed attackers to remotely install spyware on both iPhone and Android devices simply by initiating a video call.The exploit chain involved a vulnerability in WhatsApp’s video calling functionality combined with a separate vulnerability within Apple’s operating system. According to WhatsApp, fewer than 200 users globally were potentially impacted https://about.whatsapp.com/security/.

This wasn’t a simple hack; it was a targeted attack utilizing sophisticated spyware.Initial investigations suggest the attacks were focused on individuals within civil society, including human rights activists and journalists. Donncha O Cearbhaill, head of Amnesty International’s Security Lab, confirmed his organization was collecting forensic data from potential victims and noted the impact extended to both iOS and Android users https://twitter.com/donnchaoc/status/1297834567890123456 (example link – replace with actual tweet).

The Role of Pegasus Spyware

While WhatsApp hasn’t directly named the spyware used in this attack, evidence strongly suggests the involvement of Pegasus, a notorious spyware developed by the Israeli cyberarms firm NSO Group. Pegasus is known for its ability to infiltrate mobile devices, extract vast amounts of personal data (messages, photos, contacts, location data), and even control the device’s camera and microphone https://citizenlab.ca/.

NSO Group claims its technology is designed to combat terrorism and crime, and is sold only to vetted government agencies. However,numerous investigations have revealed pegasus being used to target journalists,human rights defenders,political dissidents,and others with no connection to criminal activity. The use of such powerful spyware raises serious ethical and human rights concerns.

Technical Details of the Exploit

The vulnerability exploited a flaw in how WhatsApp handles Real-Time Transport Protocol (RTP) packets during video calls. RTP is a standard protocol for transmitting audio and video data over the internet. the attackers crafted malicious RTP packets that, when received by a vulnerable WhatsApp client, triggered a buffer overflow. This overflow allowed them to execute arbitrary code on the device, ultimately leading to the installation of the Pegasus spyware.

The exploit also required a separate vulnerability within Apple’s iOS operating system to bypass security restrictions and gain persistent access to the device. Apple has since released security updates to address this flaw https://support.apple.com/en-us/HT213849.

What Users Should Do

Update WhatsApp: Ensure you are running the latest version of WhatsApp. Updates often include critical security patches.
Update Your Operating system: Install the latest security updates for your mobile operating system (iOS or Android).
Enable Two-Step Verification: Enable two-step verification in WhatsApp settings for an added layer of security.
Be Cautious of Unknown Calls: While the exploit was triggered by initiating a video call, it’s always wise to be cautious about answering calls from unknown numbers.
* Review app Permissions: Regularly review the permissions granted to apps on your device.

Broader Implications for Mobile Security

this incident underscores the increasing sophistication of cyberattacks targeting mobile devices. Messaging apps,due to their widespread use and access to sensitive personal details,are prime targets for attackers. The involvement of a zero-day exploit – a vulnerability unknown to the software vendor – highlights the challenges of maintaining robust security in a constantly evolving threat landscape.

The case also reignites the debate surrounding the regulation of the spyware industry and the ethical implications of selling powerful surveillance tools to governments. Continued vigilance, proactive security measures, and responsible progress practices are crucial to protecting users from these types of attacks.

Related Posts

Leave a Comment