WhatsApp malware is in the news again as the messaging app’s parent company, Facebook, is filing a lawsuit against the NSO Group — an Israeli hacker collective.
Even though NSO hasn’t admitted to any wrong doing, there’s no denying that at least 1,400 users were affected by the spyware.
It wasn’t all that hard to pull off either. Hackers apparently used a bug in the software to by-pass the encryption and install malware by giving a missed call. Once it was installed, the hacker could control the phone remotely using its cameras and microphones to spy on the user.
Here are a few things to keep in mind to keep such spyware from finding its way onto your phone:
Update, update, update — and then update some more
Negative factors are constantly looking for vulnerabilities to exploit or a weakness in software in order to break through.
The NSO Group hack of WhatsApp was done through giving missed calls. So, the user really didn’t have a lot of control over how the malware came to be installed on their phone.
For any app, not just WhatsApp, updates don’t bring new features but extra security. Most updates include security patches that make the app more secure to use and keep hackers from getting through.
Always update your apps and your phone as soon as possible. Note that if you don’t connect to the Wi-Fi, Google won’t automatically update the apps on your phone — you’ll have to manually tell the Play Store to download updates over the phone’s network.
2-factor authentication takes a little more time, but it’s worth it
There was a time when people didn’t necessarily stop at red lights in order to shave off a few seconds from their commute to work. Then the awareness campaigns asked drivers if those few seconds were really worth their life.
The same logic applies to WhatsApp. It takes a few extra seconds to login but 2-factor authentication can make the difference between your data staying private or falling into the hands of a stranger.
This isn’t just a good practice to have in place for WhatsApp but also for any online interface — including popular platforms Gmail, Instagram, Twitter and Facebook.
WhatsApp is encrypted, the cloud is not
Yes, WhatsApp has end-to-end encryption but that courtesy is only restricted to messaging service. The minute you backup your data to the cloud or any external server, the data is no longer WhatsApp’s responsibility.
This means that if a hacker wants access to your data, they don’t need to hack your WhatsApp account — they can directly hit your drive instead.
In November last year, WhatsApp said that it wouldn’t be backing up data to its own servers. User data will now be saved on their respective Google Drive or the iCloud.
So if you’re really paranoid about your safety — backing up WhatsApp might be something that you want to disable.
Know what’s going on in your settings
Deciding whether to back up your WhatsApp chats is only one part of the story. The messaging platform offers a whole host of other settings as well — like controlling if ‘last seen’ shows up, how many people you share your ‘Status’ with, and even the blue tick marks that indicate whether a message has been read or not.
It might not keep your account from getting hacked, but does give you more control over the information being disseminated.
Ask yourself if it’s a really big deal
Getting hacked isn’t the most pleasant feeling in the world but you really have to ask yourself if it’s that big a deal. Individuals who are in the public eye or are sharing state secrets over WhatsApp might have a reason to be paranoid. Otherwise, it’s probably better to take a deep breath, relax and let it go.