A software vulnerability has been discovered in the web-based version of the popular WhatsApp messaging app for smartphones, which could allow hackers to trick users into downloading malware on their PCs. The vulnerability could compromise computers by allowing hackers to distribute malware including ransomware, bots, remote access tools (RATs) and other types of malicious code. Mark James, security specialist at IT Security Firm ESET commented on the serious bug in Whatsapp left 200 million users with an ‘open door’ to hackers.
[su_note note_color=”#ffffcc” text_color=”#00000″]Mark James, Security Specialist at IT Security Firm ESET :
Any insight into the vulnerability/what happened?
“Software vulnerabilities enable users or other software to manipulate the program to do things it was never intended to do or allow access to areas that should not be accessed. In this instance it allowed the possibility of a Vcard (Virtual Business card) to be sent to a user by only knowing their telephone number. Bear in mind that almost all of the security breaches we hear about contain phone numbers in the breach, unlike credit cards or passwords they are not often encrypted or hashed. Now bearing in mind that WhatsApp is a cross platform mobile messaging app, the chances of you opening a Vcard sent to you is quite high. Once opened it will attempt to download and infect your system with ransomware.”
Is there anything else that users can do to protect themselves in the future, or are regular updates enough?
“Apart from be very mindful of the content you receive not really, no. The very nature of WhatsApp is a two way messaging service that sends and receives data but you still need to have your wits about you and remember not everything on the internet is trustworthy and honest.
Make sure your web browser, operating system, applications and Anti-Virus products are fully updated and patched. Don’t wait to apply updates later, always do them now and to be safe reboot your machine afterwards if you’re not familiar with updating browser cache to ensure patches are applied.”
What could be the implications of someone compromised using Whatsapp Web on a work computer?
“Ransomware is one of the most destructive forms of malware around currently; it renders local and remote files unusable until the ransom is paid. If this is in a business environment then no one will be able to access those files and in a worst case scenario could cause the whole software infrastructure to fail. Of course, if backups are in place it’s just a matter of time before you are back up and running but if not then remember paying the ransom is only funding criminal activity and should be avoided if possible.”
What can WhatsApp Web do to make their service more secure?
“In this case WhatsApp acted very fast indeed, a patch was made available that fixed the problem and was rolled out quickly, this enabled their users to be safe again from this vulnerability providing they applied the patch. It’s good to see companies acting this fast in response to these vulnerabilities being found.”[/su_note][su_box title=”About ESET” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.