WhatsApp Messenger is a freeware, cross-platform and end-to-end encrypted messaging application for smart phones and desktops. Using WhatsApp any user can make voice calls, video calls; send messages, images, GIF, videos, documents, user location, audio files, phone contacts and voice notes. WhatsApp also incorporates a new feature called Status, which allows users to upload photos and videos to a 24-hours-lifetime feed that, by default, are visible to all contacts. Telegram is a free cloud-based instant messaging service. Telegram clients exist for both mobiles, including android and other smartphones and desktops. Using Telegram users can send messages and exchange photos, videos, stickers, audio, and files of any type. Telegram also provides optional end-to-end-encrypted messaging. Both the applications are freely available on play store.
The use of WhatsApp and Telegram is increasing day by day. Today there are more than a billion users that are using WhatsApp, while Telegram claims 100 million users. Both these applications provide end-to-end encryption for better security, but now millions of WhatsApp and Telegram accounts can be hacked with just one click. Security researchers found that malicious code can be hidden inside an image. When clicked, the picture file executes the code, and the attacker gets full access to the WhatsApp and/or Telegram storage data. The attacker could then send the file to all of the victim’s contacts, spreading the malware to other targets. The bugs only affect those using the web browser services and not the mobile or desktop apps.
Hacking scenario: WhatsApp and Telegram are providing end to end encryption, and allow users to use WhatsApp’s through web. Using end-to-end encryption, only the sender and receiver are able to view the message. Hackers are taking advantage of this feature. The attackers are hiding malicious code in the image. Malicious code is in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system. When users click on the image, the picture file executes the code, and the attacker gets full access to the WhatsApp and/or Telegram storage data. Once the hacker successfully accesses storage he is able to read and write files, modify data and allow attacker to hijack user’s session using tokens stored in browser. Check Point warned an attacker could also give their hack worm-like features, forwarding the malicious photo to all victim contacts for mass compromise. A similar issue affected the Telegram messenger app.
A WhatsApp spokesperson said: “When Check Point reported the issue we addressed it within a day and released an update of WhatsApp for web. To ensure that you are using the latest version, please restart your browser.” But it’s unclear how many individuals were affected. The company declined to say what proportion of its 1.3 billion users ran WhatsApp in the browser and Telegram to patch the issue. To prevent this issue from happening again, both services will now validate content before encryption takes place, which should hopefully detect and remove malicious code before messages are sent.
Cyber Security Recommendations: WhatsApp and Telegram have fixed the issue and released new versions. Users are strictly recommended make sure that they are using updated version of WhatsApp and Telegram. Before using web features please restart your browser. Keep using updated antivirus to protect yourself from such hacking attacks. Users also need to think before clicking on any image or link.