The researchers from Check Point Software Technologies, a Computer Security Firm, has unearthed that hackers can easily break into WhatsApp and other Telegram messaging accounts of the sort. What’s more alarming about the news is that these hackers will use the very same encryption technology that is intended to protect the users from snooping eyes.
Check Point has stated that it has already alerted WhatsApp and Telegram of the vulnerability in their system. However, it has further stated that the glitch has been made public after it was allegedly patched up by the companies.
The security firm did not exactly point out the number of accounts or users on stake, but it did mention that the loophole posed a threat to “hundreds of millions” of users. Moreover, the people who are using the messaging application through browser are more prone to vulnerability rather than those who are using mobile applications.
Check Point head of product vulnerability Oded Vanunu said in a press release:
“This new vulnerability put hundreds of millions of WhatsApp Web and Telegram Web users at risk of complete account take over.
“By simply sending an innocent looking photo, an attacker could gain control over the account, access message history, all photos that were ever shared, and send messages on behalf of the user.”
According to Check Point, the glitch made it possible for an attacker to use a digital image as trap with malicious code that could hijack an account as soon as it is clicked. Moreover, the virus by sending can infect the messages of those listed in the contacts.
The end-to-end encryption by WhatsApp and Telegram make it impossible for a third-party to find out about the text before it is reviewed, thus making it easy for the virus to be spread. To remedy the situation, both services shifted to finding and blocking viruses before messages are encrypted.