The Ministry of Electronics and Information Technology (MeitY) of India has asked WhatsApp for details on the recent spyware attack, that allowed hackers to spy on users, and any corrective measures taken.
The Ministry also asked the authorities of WhatsApp whether any users in India have been affected in the incident, after which it will decide whether to issue an advisory to government officials, who use the messaging app, the Economics Times Reported.
“We sent an email to WhatsApp asking them to explain the vulnerability and steps undertaken to address the situation,” the Ministry said in a statement. “We are concerned over this and we know this is a global issue, but we need to understand if any Indian users have also been hit by this. But this stokes the larger issue of national cybersecurity and how to regulate this sphere.”
Quoting the incident as “highly sophisticated attacks”, WhatsApp stated that it informed the U.S. law enforcement agencies about the incident for further investigation.
The comments from the Indian Ministry comes after WhatsApp revealed that it discovered a vulnerability in its network system that allowed hackers to install spyware via an infected WhatsApp voice call. The Facebook-owned social messenger stated the spyware can exploit the mobile device, its calls, texts, and other data. It can also activate the phone’s camera, microphone, and able to perform other malicious activities. According to Facebook, the malicious spyware was developed by Israel-based cyber intelligence company NSO Group.
Following the attack, Pavel Durov, the creator of the popular messaging app Telegram, took to the internet to slam WhatsApp. In his blog post, Durov wrote an article, Why WhatsApp will never be secure, criticizing WhatsApp on its latest data breach.
“This news didn’t surprise me though. Last year WhatsApp had to admit they had a very similar issue a single video call via WhatsApp was all a hacker needed to get access to your phone’s entire data,” Pavel Durov stated in his blog post. Every time WhatsApp must fix a critical vulnerability in their app, a new one seems to appear in its place. All their security issues are conveniently suitable for surveillance and look and work a lot like backdoors.”
“Unlike Telegram, WhatsApp is not open source, so there’s no way for a security researcher to easily check whether there are backdoors in its code. Not only does WhatsApp not publish its code, they do the exact opposite: WhatsApp deliberately obfuscates their apps’ binaries to make sure no one is able to study them thoroughly,” Durov added.