Jump to content
Facebook Twitter Youtube
GFX Designer Recruitment Campaign
Moderators Recruitment

A bug allowed hacking WhatsApp and Telegram accounts with an image

OyaYansa

By OyaYansa,
in Software

 Share

Recommended Posts

OyaYansa Newbie

OyaYansa

Posted
Posted

whatsapp-telegram-robo-cuenta.jpg?itok=S

A team of researchers at security firm Check Point has revealed a vulnerability that allowed hacking of WhatsApp and Telegram accounts in a simple way: by sending a malicious image. According to the report, with this strategy attackers could take complete control of victim profiles, with access to contacts, conversations, and shared photos and videos.

From Check Point they explain that the bug could be exploited through the browser version of WhatsApp and Telegram. The web application of both platforms is synchronized with the user's device and contains a mirror of all the messages sent and received by the users, so that the security gap allowed the attacker to have free access to all the contents of the account.

According to the researchers, to take advantage of this security bug all you had to do was send a seemingly normal image with malicious code injected. In the case of WhatsApp, when the victim clicked on the photo to open it, the code that was executed allowed the attacker to enter the local storage, where the user's data is located. In Telegram it was necessary to click again to open a new browser tab and give access to local storage.

From this moment, the cybercriminals could view and download all the contents, as well as control the account at will. In this way, he could repeat the attack with the contacts of the victim by mass sending the malicious image. In addition, because the messages are encrypted end-to-end, companies are not aware of the files being sent, which prevents them from detecting malware.

virus_01.jpg?itok=_c6iYQxgvirus_02.jpg?itok=yJzTZYTevirus_03.gif?itok=PqfFn9i3

virus_04.jpg?itok=11F67suJvirus_05.gif?itok=jw3krHEQvirus_06.png?itok=LtRjLTZA

Check Point informed WhatsApp and Telegram of the vulnerability on March 7. It ensures that both instant messaging platforms tested and recognized the security issue, developing a solution for web clients that fixed the bug.

Telegram denies having been affected by the vulnerability
Following the release of the news in the media around the world, Telegram has issued a statement to deny that this vulnerability has existed. According to the company, Check Point reported that Telegram had the same problem as WhatsApp to maximize its impact on the press, and assures that in the case of its platform the security of the account has not been compromised at any time by the described technique .

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

WHO WE ARE?

CsBlackDevil Community [www.csblackdevil.com], a virtual world from May 1, 2012, which continues to grow in the gaming world. CSBD has over 70k members in continuous expansion, coming from different parts of the world.

 

 

Server Zone

Helpful Links

Important Links

VERSION 2.4.0

THEME BY TECTONICPX.COM
© 2022 CSBLACKDEVIL

Licensed to: CsBlackDevil.Com Powered by Invision Community


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept