Min menu

Pages

Learn about 5 ways to hack WhatsApp app and beware of them

 


WhatsApp is the most widely used and easiest messaging program in the world, with a range of security features, such as using end-to-end encryption to keep messages private. However, it can be hacked and access to your private messages and contacts.

In this article from the network, we present five ways in which WhatsApp can be hacked.

 

1. Remote code execution via GIF 


Receiving messages containing GIFs is not always fun, and in October 2019, security researcher Awakened revealed a security vulnerability in WhatsApp that enabled hackers to control the app using GIFs.  The refore, it contains a set of encrypted frames that can easily hide a code inside it.


If the user accesses a malicious GIF file, the sender may be able to see the entire conversation history, and will be able to know the content of the messages as well as the identity of the addressee. This also enables you to see files, photos and videos sent via WhatsApp.

 

Of whatsApp versions affected by this vulnerability 2.19.230 on Android 8.1 and 9. Fortunately, Awakened responsibly exposed the vulnerability, and Facebook, which owns WhatsApp, was able to solve the problem. To keep your app safe from this problem, you must update WhatsApp to version 2.19.244 or above.

 

2. Pegasus attack for voice calls



Another WhatsApp hack in early 2019: Pegasus's voice-over, which was attributed to the Israeli company NSO Group, which was accused of spying on Amnesty International staff and other human rights activists.

This hack belongs to Android, iOS, Windows 10 Mobile and Tizen devices. If you're running WhatsApp 2.19.134, an earlier version on Android, version 2.19.51, or an earlier version on iOS, you need to update the app immediately after the hack news is published, WhatsApp has been updated to protect it from this attack.



3. Socially Orchestrated Attacks



There is another way to sneak into WhatsApp, known as socially orchestrated attacks. This uses psychology research to steal information or disseminate misinformation. A security company called Check Point Research uncovered such an attack called FakesApp. This essentially allowed hackers to cultivate fake phrases that appear to be from other legitimate users by quoting in a group chat and changing someone else's response text.



Researchers were able to do this by decrypting WhatsApp connections. Which allowed them to see the data sent between the mobile phone version and WhatsApp version on the web. From here, they can change the text in group chats. They can also impersonate other people and send messages that appear to be members of the group. 

Although the hack was detected in 2018, it has not yet been corrected, the researchers say.

4 Media file coverage


This issue affects both WhatsApp and Telegram as this attack benefits from the way apps receive media files such as photos or videos and record these files on an external device's volume.

The attack begins with the installation of malware attached to the in-app media files. It is then possible to monitor files received for Telegram or WhatsApp and to replace the real file with a fake file. Researchers who discovered this problem assert that it can be used to scam people or to spread fake news.

There is a quick solution to this problem. In WhatsApp, by searching settings and moving to chat settings. Then look for the stop option save in the gallery that will protect you from this vulnerability. However, a real fix to the problem will require app developers to change the way applications deal with media files in the future.




 WhatsApp on iOS devices


For WhatsApp on Android devices

5. Spy Facebook on Watsp chats

Since Facebook's purchase of WhatsApp, a group of app users have thought about whether it is possible to read WhatsApp messages via Facebook. This issue must be taken into account because it is more a security problem than a breach.

In a blog post, WhatsApp reported that since it uses end-to-end encryption, it is impossible for Facebook to read WhatsApp content: "We have introduced end-to-end encryption. When you and the people you send the latest version of WhatsApp, your messages are encrypted by default, which means you're the only one who can read them. Even as we coordinate more with Facebook in the coming months, your encrypted messages remain private and no one else will be able to read them. Neither WhatsApp, Facebook, or anyone else. "

However, according to developer Gregorio Zenon, this is not entirely true. Although WhatsApp uses end-to-end encryption, it doesn't mean that all messages are private. On an operating system such as iOS 8 and above, apps can access files in a Shared Container.

Both Facebook and WhatsApp apps use the same shared container on devices. Although chats are encrypted when sent, they are not necessarily encrypted on the original device. This means that Facebook can copy information directly from WhatsApp.

To illustrate this, there is no evidence that Facebook has used shared containers to display WhatsApp's private messages. But the potential capacity exists for them to do so. Even with end-to-end encryption, your messages may not be private from Facebook's overall point of view.

 

 

reaction: