The WhatsApp and Telegram vulnerability has allowed hackers to gain complete control over user accounts, including chat tracking, access to photos, audio and video, and contacts.
“The new vulnerability has exposed hundreds of millions of WhatsAppa Web and Telegram Web users to the risk of taking over an entire account,” said Oded Vanunu, head of vulnerability research at Check Point, who discovered and reported the threat. – By sending an innocent-looking photo, the attacker could take control of access to history, photos and news.
The vulnerability detected allowed an attacker to send a malicious code hidden in a graphic file. At the moment the victim opened the image, the attacker gained full access to her account. Then by sending a malicious file to all contacts, he could repeat the incident to a much larger scale.
WhatsApp and Telegram are some of the most popular instant messengers with 1 billion and 100 million users worldwide. Due to the security of this encrypted end-to-end message, the programs are generally recognized as very well protecting the privacy of the users. Unfortunately, the encryption itself has proven to be a source of danger in a sense. Because messages were encrypted on the sender’s side, WhatsApp and Telegram were unable to reach the content, and consequently were unable to identify the malicious content before sending.