Don’t Download Images on WhatsApp, Hackers Could Steal Your Data

WhatsApp and Telegram’s end-to-end encryption is too safe for its own liking. This week, a security software company has reported that a malware vulnerability, on both the messaging platforms, has raised serious data security concern.

If the knowledge falls into the wrong hands, it could compromise data of millions of WhatsApp and Telegram users. As scary as this might sound, the threat has been notified to WhatsApp and Telegram, and has been fixed at the time of publishing this piece.

The report has been shared by Check Point Software Technologies, who have clearly indicated that downloading images and videos on your phone from these platforms could be riskier than they could imagine.

Saket Modi, CEO and Co-founder at Lucideus TechWhen you talk about certain file formats –PDF, doc files, videos – that you can see on WhatsApp and Telegram, they need to be downloaded first, and then executed on your system to view their content.    

End-to-end encryption is designed to ensure that only the people communicating can read the messages and nobody else in between.

This has been lauded by many people, including the users, so that no misuse of such data happens. But as it turns out, hackers could even turn this strong point to their benefit.

This same mechanism has also been the origin of a new severe vulnerability, which the folks at Check Point have been able to discover in both – WhatsApp and Telegram, albeit just the web version.

Check Point Software Blog The reason this flaw works is because WhatsApp and Telegram support HTML, Text and video format files to be sent to each other.

How it Happened?

Check Point was quick to point out that since messages were encrypted without being validated first, WhatsApp and Telegram were blind to the content, thus making them unable to prevent malicious content from being sent.

It adds that the affected HTML files would look like a normal image, and clicking on that image would navigate you to the infected page, and in turn, the data stored in your internal storage will be sent to the hacker.

How the malware could lead to loss of data. (Photo Courtesy: Check Point)

Speaking to Saket Modi, Co-founder at Lucideus, a cyber security firm, we got some interesting insights into how the web version of WhatsApp or Telegram could be more prone to such attacks than the mobile version.

He also pointed out the core reason or matter that leads to this vulnerability to take place.

Saket Modi, CEO and Co-founder at Lucideus TechWith an HTML code, there was a malicious pointer which could execute a JavaScript, using which they were able to access the locally stored file linked to WhatsApp. 

Who’s at Fault?

Both Check Point and Saket have stayed away from pointing fingers at anyone, with special emphasis on the fact that encryption isn’t the sole reason for this vulnerability.

Saket Modi, CEO and Co-founder at Lucideus TechEncryption is one piece of the puzzle. The actual reason for vulnerability was because of the malware that could be executed through the browser.  

However, he did alert everyone to the reality that hacking WhatsApp data is very much doable, and it doesn’t matter if you’re a celebrity or just a normal person on the social platforms.

Saket Modi, CEO and Co-founder at Lucideus TechWhatsApp doesn’t delete conversations on phone. The app stores user data (messages) as an encrypted file whose encryption in the past has been subject to breaches multiple times. 

Being part of the digital-cum-social sphere comes with its set of responsibilities and awareness, and users ought to adhere to that for their own safety.