WhatsApp users are being urged to update their app immediately thanks to a security flaw that allowed hackers to remotely hijack smartphones through the software’s voice calling function.

According to security researchers, hackers were able to plant the spyware on dozens of smartphones around the world by repeatedly calling the victim on the app. Once installed, hackers were able to access the victim’s smartphone data, and activate their camera and microphone remotely.

Who is affected?

Here’s the good news: although the security flaw is found across all older versions of WhatsApp, experts say the general public is not the main target of this attack.

The spyware was reportedly developed by Israeli cyber intelligence firm NSO Group. The cyber intelligence firm’s malicious software been used to target journalists, human rights defenders and lawyers.

“What the NSO Group and companies like that do is focus their efforts on the most popular pieces of software and try to identify vulnerabilities that they can sell; that they can weaponize,” cybersecurity expert Claudiu Popa told CTV News Channel.

“This is a very targeted use too—in other words, the public at large does not need to fear this, but it certainly is a concern from an activism perspective.”

How can you protect yourself?

That said, all 1.5 billion WhatsApp users worldwide are being advised to update their app as soon as possible to protect themselves in the event that the spyware becomes more widespread.

Facebook, which owns WhatsApp, issued a patch to correct the issue Tuesday. That means all you have to do to protect yourself is update your app to the most recent version available.

On iPhone:

  • Open the App Store and tap “Updates”
  • Find “WhatsApp” on the list and tap “Update”

On Android:

  • Open the Play Store and tap the three lines in the upper left corner
  • Select “My Apps & Games” from the menu
  • Select “WhatsApp” and tap “Update”

Security experts also recommend enabling automatic updates on your device to ensure you receive the latest security patches for all apps once they are made available.