2 Popular Messaging Apps Vulnerable to Hackers
March 15, 2017
Those encrypted messaging apps you may have been using to avoid
prying eyes had a major flaw that could have allowed access to
hackers, according to a cybersecurity firm.
According to Check Point Software Technologies, both Telegram
and WhatsApp, which is owned by Facebook, were vulnerable.
The company said it withheld the information until the security
holes were patched, saying “hundreds of millions” of users could
have been compromised.
The vulnerability involved infecting digital images with
malicious code that would have been activated upon clicking the
pic. That, according to Check Point, could have made accounts
susceptible to hijacking.
new vulnerability put hundreds of millions of WhatsApp Web and
Telegram Web users at risk of complete account take over," Check
Point head of product vulnerability Oded Vanunu said in a news
release. "By simply sending an innocent looking photo, an
attacker could gain control over the account, access message
history, all photos that were ever shared, and send messages on
behalf of the user."
Both apps tout so-called end-to-end encryption to ensure
privacy, but according to Check Point, that made it hard to spot
Patching the vulnerability involved blocking the code before the
messages were encrypted.
WhatsApp claims to have more than one billion users, while
Telegram has more than 100 million.