Yesterday, Check point team discloses the malware threat on Whatsapp and Telegram accounts. The exploitation of this vulnerability starts with the attacker sending an innocent looking file to the victim, which contains malicious code. The file contents are attractive, so that the chances a user will open it is raised.
In WhatsApp, once the user clicks to open the image, the back-end malicious file allows the attacker to access the local storage, where user data is stored.
In Telegram it is more difficult to access, so the user is expected to run it on another tab, in order for the attacker to access local storage. From that point, the attacker gains full access to the user’s account and account data. The attacker can then send the malicious file to the all victim’s contacts, causing a wide-spread of attack over the WhatsApp and Telegram networks.
Check Point disclosed this information to WhatsApp’s and Telegram’s security teams on March 7th. “Thankfully, WhatsApp and Telegram responded quickly and responsibly to deploy the mitigation against exploitation of this issue in all web clients,” said Oded Vanun, head of product vulnerability research at Check Point.
“We build WhatsApp to keep people and their information secure,” a WhatsApp spokesperson told The Verge. “When Check Point reported the issue, we addressed it within a day and released an update of WhatsApp for web. To ensure that you are using the latest version, please restart your browser.”