WhatsApp: Security Flaw Discovered in Messaging App, Firm Says
No one can deny the fact that most of us enjoy chatting via WhatsApp and stay connected. WhatsApp Web and free voice calls have been the main attraction these days.
WhatsApp has around 200 million users who prefer using the WhatsApp Web version. The web version of WhatsApp allows you to chat using your desktop, instead of getting disturbed on continuous WhatsApp pings on your smartphone, while working on other important projects/assignments. Keeping aside the convenience element of WhatsApp Web, the browser is easily vulnerable to bugs. Latest media reports state that security experts claim that WhatsApp Web users could easily have their security and devices compromised.
Kasif Dekel, a Check Point security researcher recently discovered significant vulnerabilities which exploit the WhatsApp Web logic and allow attackers to trick victims into executing arbitrary code on their machines in a new and sophisticated way.
Hackers could take control over your computers by just sending a simple vCard carrying a random contact name and number. Clicking on the new vCard will allow hackers to run a malicious code on your PC/laptop, thus giving an open access to your private files, data stored on your system. Due to improper filtering of contact cards, WhatsApp Web users could fall into this trap.
This security flaw could actually compromise the private data on computers, by allowing hackers to distribute malware including ransomware, bots, remote access tools (RATs) and other types of malicious code. The Telegraph also reported that such WhatsApp Web bots can slow down your PC/ laptop and RATs give hackers remote access to the data of your PC. However, WhatsApp has been quick enough to verify and acknowledge the security issues of its Web version. It efficiently developed a bug fix on August 27. Reports state that WhatsApp has updated its software and all versions of WhatsApp Web after v0.1.4481 contain the fix for the vulnerability.
Make sure you have updated your browser and your antivirus software and also clear your browser cache regularly. We recommend WhatsApp users not to download any such native media files or business cards from unverified, unknown contacts, as it could result in malicious codes.
Credits; DeccanChronicle, (Image credit: CheckPoint)