That's interesting. How would that work? Under Android, all apps effectively run inside a Java sandbox, right? So how would the attackers be able to install spyware through Whatsapp?

There are more exploit chains for Android and iOS that can be used once RCE is achieved.

I may well be proven wrong by further revelations, but:

> Large amounts of data were exfiltrated from Bezos’s phone within hours

I could see a cross-platform WhatsApp message that leaked WhatsApp data?

They only had to spy on whatsapp, so they could do it all in the same sandbox.

Since WhatsApp whines incessantly unless you give it various permissions it might have already had the ability to access photos etc.

As well as sending whatever is in its directory or using a local priv escalation.

Through a sandbox exploit of course.