We all know that WhatsApp and Telegram are one of the most used instant messaging services in the world. A group of Check Point investigators discovered a new severe vulnerability in WhatsApp and Telegram.
Researchers at Check Point Security announced a new attack against WhatsApp and Telegram, targeting the way both chat services process images and multimedia files. In the WhatsApp case, Check Point was able to craft a malicious image that would appear normal in a preview, but direct users to a malware-laden HTML page. Once loaded, the page will retrieve all locally stored data, enabling attackers to effectively hijack the user’s account.
“By simply sending an innocent-looking photo, an attacker could gain control over the account, access message history, all photos that were ever shared, and send messages on behalf of the user,” said Oded Vanunu, head of product vulnerability research at Check Point.
At an International Conference on Cybersecurity held at the Polytechnic Institute of Guarda, the security firm Check Point’s Rui Duro revealed that WhatsApp and Telegram messaging services had a vulnerability that allowed attackers to take complete control over Victims’ accounts, and access all personal and group conversations as well as including the photos, contact lists, videos, and other files shared from any device.
“AN ATTACKER COULD GAIN CONTROL OVER THE ACCOUNT”
Interestingly, it’s the end-to-end encryption feature of these apps that would have helped hackers take advantage of the flaw. Because the contents of chats are end-to-end encrypted, it means that neither WhatsApp nor Telegram could see the malware hidden in a shared malicious image. That means both companies would be blind to the content, allowing malicious code to be passed back and forth between users.
WhatsApp fixed the vulnerability in less than 24 hours, on Thursday, March 8, after hackers at Check Point warned the Facebook-owned firm that attacks were able to undo the end-to-end encryption protecting message content across millions, possibly hundreds of millions, of accounts. A similar issue affected the Telegram messenger app, though it required another step for the hack to work. Telegram patched on Monday.
However, if you are a user of WhatsApp Web and Telegram then it strongly advised to you to use the latest version available by restarting your browser as content on the web versions of both WhatsApp and Telegram will now be validated before the end-to-end encryption comes into play, allowing malicious files to be blocked.
Cover pic: Netivist.org