Government Surveillance Software Dispatched through Zero-Click Apple and WhatsApp Flaw Combination
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
- Recent vulnerabilities in WhatsApp and Apple’s software were exploited to implement government spyware.
- The exploits were associated with a zero-click attack requiring no user involvement.
- Patches have been issued by Apple and WhatsApp to address the vulnerabilities.
- Amnesty International is probing the ramifications for journalists and human rights advocates.
- Due to security worries, the US House of Representatives has prohibited the use of WhatsApp on staff devices.
- The NSO Group had previously been held accountable for comparable vulnerabilities linked to WhatsApp.
Zero-Click Exploit: A Rising Trend in Government Spyware
Recent information from Meta’s secure messaging app, WhatsApp, indicates vulnerabilities that might have been leveraged by an unidentified government to install spyware without user interaction. This troubling situation underscores the persistent risk of advanced cyberattacks targeting mobile devices.
Flaws in Apple and WhatsApp
WhatsApp has issued a security advisory regarding a vulnerability, designated CVE-2025-55177, which was exploited along with a defect in Apple’s image handling framework. This issue detected within iOS permitted attackers to target particular users. Apple quickly addressed the memory corruption issue by releasing a patch in iOS and iPadOS 18.6.2.
WhatsApp’s Security Vulnerability
The security issue in WhatsApp originated from insufficient authorization of messages for synchronizing linked devices. This vulnerability impacted iOS application versions before 2.25.21.73 as well as other platforms, allowing unauthorized processing of content from random URLs on targeted devices.
Effects on Journalists and Human Rights Advocates
Amnesty International’s Security Labs are examining the effect of this campaign on various individuals, especially journalists and human rights advocates. Donncha Ó Cearbhaill from Amnesty highlighted that government spyware presents significant dangers and recommended that users keep their devices updated and utilize security features such as Apple’s iOS Lockdown Mode or Android’s Advanced Protection Mode.
WhatsApp Ban by the US House of Representatives
In a related action, the US House of Representatives has prohibited WhatsApp for staff devices due to its classification as a high-risk application stemming from its insufficient transparency in data handling and possible security issues. This further illustrates mounting concerns regarding the platform’s vulnerabilities.
Previous Exploits by NSO Group
Additionally, the Israeli spyware firm NSO Group was found responsible for hacking WhatsApp to target over 1400 users through the Pegasus malware. The corporation was ordered to pay US$167 million in damages to WhatsApp, representing a notable legal victory against the misuse of spyware.
Conclusion
The recent security flaws in WhatsApp and Apple’s systems emphasize the shifting dynamics of threats within cybersecurity. With attackers utilizing zero-click exploits, the critical need for strong security protocols and regular updates is clear. These events also highlight the necessity for transparency and accountability among app developers and tech companies.