Security Flaw puts WhatsApp Users at Risk
The flaw could affect up to 200 million users
- By Matt Holden
- Sep 09, 2015
According to a new report, WhatsApp could potentially be putting 200 million people at risk via a security flaw. WhatsApp Web, the desktop version, could allow hackers to infect systems simply by knowing a user’s phone number.
Hackers can send vCards, which are used to send contact information, to users containing malicious code. Once the user opens it, an executable file sends all sorts of malware entities.
“This type of threat against WhatsApp isn’t new in terms of how we see hackers attempt to exploit popular messaging services,” said Richard Cassidy of Alert Logic. “Given the inherently open trust model that WhatsApp is built on, such as finding contacts in address books who may be using WhatsApp and sending invites openly to others, in addition to open sharing of files, images, videos and of course vCards; it’s an app that presents a great deal of opportunity for attackers to trick users (for whom they have details for) into opening a seemingly legitimate or interesting file, that could lead to an exploit of the host device.”
WhatsApp has since deployed an update to its desktop client.
About the Author
Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.