HomeInternetHackers could have hijacked WhatsApp, Telegram using a single image

Hackers could have hijacked WhatsApp, Telegram using a single image

WhatsApp Icon

Security firm Check Point recently disclosed some worrying holes in WhatsApp and Telegram which could have left millions of users vulnerable to attacks. Both services use end-to-end encryption to ensure complete privacy, making sure only the people involved can see the messages being sent.

However, this feature turned out to have a severe vulnerability which specifically affected WhatsApp Web and Telegram Web, the chat apps’ desktop clients. Since all messages are encrypted without going through a validation process, the two were unable to seek out and prevent dangerous content from being delivered.

Hackers may have thus exploiting this hole by sending a malware-laden file to their target. WhatsApp Web patrons would then have to open the image to allow access to their local storage. It gets a bit more complicated for Telegram Web users since they would have to open the photo in a new tab for the attacker to gain entry.

Also See: WhatsApp’s bringing back text-only statuses

Once the door has been opened, hackers could take over accounts on any browser, snoop through a victim’s WhatsApp conversations, send the infected file to their contacts, and access their photos and videos. The attackers may have even been able to do things like ask for a ransom or post pictures online.

Check Point says that it informed WhatsApp and Telegram about the issue on 7 March. The two have since worked on the problem and delivered a fix. Both are now advising consumers to restart their browser to guarantee they’re using the latest version.