When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Graphite was deployed in a zero-click attack, meaning no interaction from the victim was required.
Weve reached out directly to people who we believe were affected," a WhatsApp spokesperson toldBleepingComputer.
“This is the latest example of why spyware companies must be held accountable for their unlawful actions.
WhatsApp will continue to protect peoples ability to communicate privately.”
A CVE was not assigned to the vulnerability.
In theory, the attack was very simple.
Since the gadget automatically processes PDF files, the endpoint gets compromised without any action from the user.
Governments in Europe and the United States have been quite vocal in their opposition to commercial spyware.
Pegasus developer team, NGO Group, was blacklisted in the United States on November 3, 2021.
