Government Surveillance Software Dispatched through Zero-Click Apple and WhatsApp Flaw Combination


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

  • Recent vulnerabilities in WhatsApp and Apple’s software were exploited to implement government spyware.
  • The exploits were associated with a zero-click attack requiring no user involvement.
  • Patches have been issued by Apple and WhatsApp to address the vulnerabilities.
  • Amnesty International is probing the ramifications for journalists and human rights advocates.
  • Due to security worries, the US House of Representatives has prohibited the use of WhatsApp on staff devices.
  • The NSO Group had previously been held accountable for comparable vulnerabilities linked to WhatsApp.

Zero-Click Exploit: A Rising Trend in Government Spyware

Recent information from Meta’s secure messaging app, WhatsApp, indicates vulnerabilities that might have been leveraged by an unidentified government to install spyware without user interaction. This troubling situation underscores the persistent risk of advanced cyberattacks targeting mobile devices.

Government Surveillance Software Dispatched through Zero-Click Apple and WhatsApp Flaw Combination


Flaws in Apple and WhatsApp

WhatsApp has issued a security advisory regarding a vulnerability, designated CVE-2025-55177, which was exploited along with a defect in Apple’s image handling framework. This issue detected within iOS permitted attackers to target particular users. Apple quickly addressed the memory corruption issue by releasing a patch in iOS and iPadOS 18.6.2.

WhatsApp’s Security Vulnerability

The security issue in WhatsApp originated from insufficient authorization of messages for synchronizing linked devices. This vulnerability impacted iOS application versions before 2.25.21.73 as well as other platforms, allowing unauthorized processing of content from random URLs on targeted devices.

Effects on Journalists and Human Rights Advocates

Amnesty International’s Security Labs are examining the effect of this campaign on various individuals, especially journalists and human rights advocates. Donncha Ó Cearbhaill from Amnesty highlighted that government spyware presents significant dangers and recommended that users keep their devices updated and utilize security features such as Apple’s iOS Lockdown Mode or Android’s Advanced Protection Mode.

WhatsApp Ban by the US House of Representatives

In a related action, the US House of Representatives has prohibited WhatsApp for staff devices due to its classification as a high-risk application stemming from its insufficient transparency in data handling and possible security issues. This further illustrates mounting concerns regarding the platform’s vulnerabilities.

Previous Exploits by NSO Group

Additionally, the Israeli spyware firm NSO Group was found responsible for hacking WhatsApp to target over 1400 users through the Pegasus malware. The corporation was ordered to pay US$167 million in damages to WhatsApp, representing a notable legal victory against the misuse of spyware.

Conclusion

The recent security flaws in WhatsApp and Apple’s systems emphasize the shifting dynamics of threats within cybersecurity. With attackers utilizing zero-click exploits, the critical need for strong security protocols and regular updates is clear. These events also highlight the necessity for transparency and accountability among app developers and tech companies.

Q: What does a zero-click exploit entail?

A: A zero-click exploit is a vulnerability that allows attackers to breach a device without requiring any action from the user, rendering it highly perilous and hard to identify.

Q: How can users defend themselves against such exploits?

A: Users should ensure their devices are updated with the latest security updates and activate protective features like Apple’s iOS Lockdown Mode or Android’s Advanced Protection Mode.

Q: Why was WhatsApp banned by the US House of Representatives?

A: The US House of Representatives prohibited WhatsApp due to apprehensions regarding its transparency in data protection and associated security threats.

Q: What is the NSO Group, and what role did they play?

A: The NSO Group is an Israeli spyware company held liable for hacking WhatsApp and targeting users with Pegasus malware, leading to significant legal and financial consequences.

Leave a Reply

Your email address will not be published. Required fields are marked *