WhatsApp, Telegram Flaw Gives Hackers Full Account AccessWhatsApp, Telegram Flaw Gives Hackers Full Account Access
A new vulnerability discovered in popular messaging services like WhatsApp and Telegram lets hackers assume complete control over accounts.
March 15, 2017
A newly discovered vulnerability within WhatsApp Web and Telegram Web, online platforms for two popular messaging services, lets cybercriminals fully take over user accounts and access conversations, photos, videos, contact lists, and other shared files.
The flaw lets hackers send their victims malicious code disguised within a seemingly innocent picture. When victims click the image, attackers have access to all of their storage data and can spread the harmful file through users' contact lists.
Both WhatsApp and Telegram employ end-to-end message encryption so only the participants in a conversation can view messages. This data security measure was the source of the vulnerability. Because content was encrypted on the sender's side, the two platforms did not see the content and couldn't prevent harmful files from being sent.
Check Point researchers revealed the vulnerability and disclosed its findings to the WhatsApp and Telegram security teams on March 8. Now content will be checked pre-encryption to stop malicious files from being sent.
Read more here.
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023