We had earlier covered how the CIA is using a method called as Fine Dine to hack people’s devices. The recent Wikileaks revelation has set in motion a snowball of concern of which the state sponsored cyber attacks tops the list. Now WhatsApp and Telegram has been under the scanner despite being an end-to-end encrypted communication channel. Encryption is devised in a such a way that only the receiver and the sender can see the message and no one else can intercept.
WhatsApp and Telegram Vulnerability
Checkpoint has unearthed a new vulnerability that is found to be existing on both WhatsApp and Telegram. The online versions of these platforms apparently mirror all the messages and sync with the user’s devices on real time basis. Once exploited the vulnerability would let the attackers completely take over users accounts and photos, they might also hold the users to ransom or still worst post the private photos online.
Modus Operandi
Moving on to the most interesting part, this is how it’s done. The story begins like any other malware, via social engineering technique the attacker sends a file with the malware payload. This will allow the attackers to access the local storage and from this point onwards they can gain complete access to the attacker. Just to ensure maximum engagement the file can be modified to contain attractive content, mostly like a click bait headline.
All of this is possible because the messages were encrypted without being validated first and since WhatsApp and Telegram were not scanning content the malicious file was successfully sent.
Checkpoint has also disclosed the information to WhatsApp and Telegram’s security team and they are already en route in issuing a fix for the same. I would advise all the WhatsApp and Telegram users to update to the latest version of the app. One should also periodically clean logged-in computers from your WhatsApp and Telegram and also avoid opening files from unknown sources.
