A group of researchers from cyber security firm Check Point revealed Wednesday that the web browser version of these popular encrypted-messaging apps had flaws that could have let hackers access and alter user accounts.
“This means that attackers could potentially download your photos and or post them online, send messages on your behalf, demand ransom, and even take over your friends’ accounts,” the researchers wrote in a blog post published Wednesday.
Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram Accounts
The exploitation of this vulnerability starts with the attacker sending an innocent looking file to the victim, which contains malicious code.
The file can be modified to contain attractive content to raise the chances a user will open it. In WhatsApp, once the user clicks to open the image, the malicious file allows the attacker to access the local storage, where user data is stored. In Telegram, the user should click again to open a new tab, in order for the attacker to access local storage. From that point, the attacker can gain full access to the user’s account and account data.
The attacker can then send the malicious file to the all victim’s contacts, opening a dangerous door to a potentially widespread attack over the WhatsApp and Telegram networks.
Since messages were encrypted without being validated first, WhatsApp and Telegram were blind to the content, thus making them unable to prevent malicious content from being sent.
Check Point disclosed this information to WhatsApp’s and Telegram’s security teams on March 7th.
Both companies have verified and acknowledged the security issue and developed a fix for web clients worldwide soon after. “Thankfully, WhatsApp and Telegram responded quickly and responsibly to deploy the mitigation against exploitation of this issue in all web clients,” said Oded Vanunu. WhatsApp and Telegram web users wishing to ensure that they are using the latest version are advised to restart their browser.
Following the patch of this vulnerability, content is now validated by WhatsApp and Telegram before the encryption, allowing them to block malicious files.
Security Tips
While WhatsApp & Telegram have patched this vulnerability, as a general practice we recommend the following preventive measures:
- Periodically clean logged-in computers from your WhatsApp & Telegram. This will allow you to control the devices that are hosting your account, and shut down unwanted activity.
- Avoid opening suspicious files and links from unknown users.
Check Point did not specify how many messaging accounts were at risk, but did say the flaw posed a danger to “hundreds of millions” of users accessing the messaging platform from Web browsers in computers, as opposed to mobile applications.
Site Title 