Cybersecurity researchers are warning of security flaws in WhatsApp, enabling hackers to block access to an account or send malware via fake apps. It's crucial to remain vigilant in the face of these threats, and to ensure the security of your personal messaging data.
Cybersecurity researchers have recently warned of malware and vulnerabilities affecting WhatsApp that could seriously compromise users' security. These vulnerabilities could lead to attacks up to and including the inability to access one's own account.
While many users are abandoning WhatsApp following the announcement of new terms of use (due to come into force in May), recent threats are likely to exacerbate this trend.
Check Point has warned of viruses spreading via WhatsApp in the form of fake applications. One such app, FlixOnline, claimed to offer Netflix content from around the world. However, instead, the app sent spam to all the user's contacts, enticing them to click on a link to get a Netflix offer, which could actually lead to malware. Although FlixOnline has been removed from Google Play, users should remain vigilant to the presence of such apps on app stores.
Two researchers recently discovered a vulnerability that allows hackers to remotely lock WhatsApp on victims' devices. The flaw lies in the application's registration process. A hacker can enter the victim's phone number during registration, which triggers the sending of a verification code. Although the victim receives the code, he or she will not be able to enter it, as the application continues to operate normally. The attacker can then make several attempts to request a new code until the service freezes for 12 hours.
At this point, the hacker can send an e-mail to WhatsApp to report that the victim's phone has been stolen and request that the account be blocked. If certain keywords are used in the request, this triggers an automatic action by WhatsApp, which temporarily blocks the victim's account. After several attempts, the account can be permanently deactivated. WhatsApp has responded by explaining that this method violates its terms of use.
In summary, these new security flaws and malware show the importance of remaining cautious when using WhatsApp and checking the provenance of installed applications. Users should keep up to date with the security measures put in place by the application to avoid such attacks.
Source : ICTjournal
