A Major Loophole in WhatsApp Allows Hackers to Take Over Your Account

Must Read

LinkedIn Finally Rolls Out The Most Requested Feature By Users

Microsoft owned LinkedIn has recently been reported to have revamped its profile section with an amazing feature...

Facebook Without Mark Zuckerberg And Sheryl Sandberg?

Imagine Facebook without Mark Zuckerberg and Sheryl Sandberg, the current CEO and COO of the world's largest...

Google is Giving Microsoft a Taste of its Own Medicine

The latest version of the Microsoft Edge browser was launched about a month ago for Windows 10,...
Nadia Fernandeshttp://dazeinfo.com
Nadia Fernandes is a content writer by profession from the city of Mysore, India. She has a collective three years’ experience with research and content writing, and has contributed to numerous articles, blogs and creative content across digital and traditional media platforms. With an avid interest in music and teaching, Nadia spends most of her free time playing the piano, teaching music to enthusiasts in the city of Mysore, or composing. She also shares an interest in leisure reading and playing sports.

A recent finding by Check Point Software Technologies Ltd. throws light on how susceptible messaging apps are to hacking and data theft. The discovery by Check Point, mentioning especially Whatsapp and Telegram, which contain a critical security flaw in their end-to-end message encryption process. This makes both their online platforms – WhatsApp Web and Telegram Web – vulnerable to outside access.

To make their point clear, Check Point designed a malicious, innocuous file to take full control over Whatsapp and Telegram user accounts. In order to gain access, all an attacker would have to do is fake a MIME type, by crafting the HTML file to display an image preview. Once the victim clicks on the HTML file, the attacker would gain access, and the victim’s account would be taken over by the attacker completely.

The alarming case-in-point here is that while most such attacks over either Whatsapp or Telegram will give attackers access to only tidbits of the users’ data, there is also the possibility for attackers to gain absolute control over the victim’s account.

Advertisements

Once a hacker has full control of the victim’s account, he/she will be able to download the victim’s previously shared photos, videos, contact information, and will also have access to the victim’s friends’ information. This means attackers would be able to post the victim’s photos online, message on the victim’s behalf, and would even be able to take over the victim’s friends’ accounts.

Concerns regarding user privacy over messaging apps was brought to the fore by the recent WikiLeaks publication, which talked about the possibility for government organisations to access Whatsapp, Telegram, or any other end-to-end encrypted chat app. Encryption is primarily designed to ensure that only the people communicating can read the messages. But since over Whatsapp and Telegram, messages are encrypted even before they were validated, it was easy for both chat applications to turn a blind eye towards the issue. The encryption had essentially made them unable to prevent any malicious content from being sent.

After Check Point having disclosed their alarming findings to both companies’ security teams, the security teams have acknowledged that there are security and data threat issues. Both companies have now developed a fix for their web clients. Both Whatsapp and Telegram are now validating content over their platforms before the encryption process itself, allowing them to block out any seemingly malicious files. It would, however, be safer to err on the side of caution as a user and avoid downloading any content and opening any links sent by unknown users. Additionally, periodically cleaning logged-in computers from the Whatsapp and Telegram log will allow you more control over the devices that have the option to host your account.

Meanwhile, cyber-security continues to remain an issue garnering growing concern and attention. The increasing number of internet-connected devices around us allows hackers to employ a broad range of tactics to pry into hapless victims’ lives. Further, the sheer large amount of data of personal/private/confidential nature that is exchanged over networks brings with it the risks of data leakage, data theft, and cyber attack by hackers.

Interestingly, Telegram, which accounted for about 87% of downloads worldwide in 2016, not only makes it the most downloaded messaging app in 2016, but is also what users considered the most secure. Even though Whatsapp also uses an end-to-end message encryption technology, users seem sceptical about the amount of security the app can really offer.

Advertisements

As of January 2017, however, Whatsapp, with over 1.2 billion monthly active users is the still most popular mobile messaging app, followed very closely by Facebook messenger. Telegram, with just about 100 million monthly active users is slowly gaining popularity and catching up with Whatsapp, thanks to the amount of security it provides.

With about $5.75 billion being the estimated size of the global mobile security market in 2019, one can only imagine the proportionate growth in security breaches and data thefts over the next three years. Let’s not forget the growing security concerns for mobile applications in general, and specifically to Instant messaging applications.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Apple, TikTok Hiding Something That Could Be The Cause Of Concern?

Apple and TikTok have reportedly denied testifying at a congressional hearing in March concerning their ties and...

This E-Commerce Underdog Is Challenging Biggies Such As Amazon And Flipkart In India

The eCommerce market in India is flourishing like before. All thanks for exploded adoption of Internet and Smartphone. Amazon and Flipkart are...

Is Amazon Hand In Glove With Fraudulent Delivery Partners in India?

Amazon.com, Inc. (NASDAQ:AMZN) is a global tech behemoth largely driven by the growth of its eCommerce business. They have long boasted about...

Warren Buffett Acquires An iPhone, And It’s Huge Technological Upgrade For Him!

Yes, you read it right; Warren Buffett has acquired an iPhone, finally! One of the world's richest people on...

PayPal To Throw Their Hat In The Ring For UPI Payments Service In India

It was more than two years ago wherein Paypal, the global digital payments giant decided to launch its operations in India in...

Microsoft B2B Startup Program: $10 Million For 100 SaaS Based Startups In India!

A new first of its kind Microsoft B2B startup program to help SaaS-based startup is announced today. Microsoft Corporation...

In-Depth: Dprime

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

Facebook Has Pulled Off A Masterstroke By Integrating Its ‘Family Of Apps’?

It’s indeed hard to believe that ONE man sitting at Menlo Park, oversees how nearly a third of the world’s population interacts with each...

Facebook’s Crunch Conquest: By Relying Largely On The US Market, Is Facebook Running a Risk?

Two billion! That's Facebook, Inc. (NASDAQ: FB) for you - Right when you thought that this social-media giant has already connected the entire world, it's...

More Articles Like This