India’s main cyber security agency, Cert, has asked users to update WhatsApp on their phones after the discovery of a new malware on older versions of the messaging app.
The malware is triggered by a video file sent from an unknown number.
In a statement, WhatsApp said that it had no reason to believe that users’ phones were affected.
News of the new malware came soon after WhatsApp admitted that its software was used to install spyware on phones.
Facebook, which owns WhatsApp, had announced the new vulnerability in the system a few days ago.
- Pegasus breach: Will quitting WhatsApp make your phone safer?
- WhatsApp: Indians among those ‘targeted’ by spyware
It said that if users opened the video file, the software installed itself on the phone – in similar fashion to the Pegasus malware, which is believed to have been used against journalists and activists.
Cert said that the new malware allowed attackers to access phones and make changes to the device, no matter where it is geographically located.
The new malware requires users to open the video file, unlike the more sophisticated Pegasus which activated itself through a vulnerability in WhatsApp’s video calling function and did not require the call to be answered.
The messaging app has also said it has issued a security update that should take care of the malware.
India has 400 million WhatsApp users, making the country its biggest market.