• X
  • Listen in to our latest podcast!

    March 16, 2017

    New techniques enable hackers to access WhatsApp, Telegram messages

    whatsapp hacked

    Israeli security firm Check Point has revealed a latent vulnerability wherein WhatsApp and Telegram can be hacked through their respective web versions.

    WhatsApp and Telegram have both prided themselves on security and stability, and the former chat service enabled end-to-end encryption last year in a bid to secure message threads against hacking attempts. Now, Israeli security firm Check Point has discovered a devastating vulnerability in the web versions of both apps.

    Check Point detais that WhatsApp’s end-to-end encryption can be bypassed by sending a malicious image with latent HTML code which is triggered to run should a user click the image within WhatsApp Web. The code subsequently runs through the victim’s browser and can enable a hacker to gain access to a victim’s messages, contact list, and any shared videos or photos.

    Read: Facebook begins testing reactions and a dislike button in Messenger

    Similarly, Check Point has revealed that hackers can enclose hidden HTML in a video, which if Telegram users open on the web will run malicious code in a new browser tab.

    The below video reveals what occurs during a takeover of WhatsApp’s Web client:

    While both WhatsApp and Telegram have since patched their respective vulnerabilities, the latent weakness might have exposed millions of users to hackers seeking to circumvent end-to-end encryption.

    In conversation with Wired, Nadim Kobeissi, founder of Symbolic Software, commented that the discovery “highlight[s] a weakness specific to web applications”, and further commented that “It’s kind of heartbreaking to have to say this, but if you’re someone in a precarious situation and you care about your security, I’d recommend you use WhatsApp on an iPhone”.

    Read: Facebook announces that ads are headed to Messenger

    What are your thoughts on the news that a vulnerability has been discovered in WhatsApp and Telegram? Do you feel less safe on either platform? Be sure to let us know your opinion in the comments below!

    Follow Bryan Smith on Twitter: @bryansmithSA

    Listen in to our latest podcast!