Wednesday 9 September 2015

Are You Using WhatsApp Web? Your Account Can Be Hack

Are You Using WhatsApp Web? Your Account Can Be Hack!

The major security flaw on WhatsApp web. The company recently announced 900 million users and at least 200 million are using Whatsapp Web interface. 

WhatsApp Web allows users to view any type of media or attachment that can be sent or viewed by the mobile platform/application. This includes images, videos, audio files, locations and contact cards. This vulnerability found by Checkpoint security researchers Kasif Dekel.

Which exploit the WhatsApp Web logic and allow attackers to trick victims into executing arbitrary code on their machines in a new and sophisticated way. All an attacker needed to do to exploit the vulnerability was to send a user a seemingly innocent vCard containing malicious code. Once opened, the alleged contact is revealed to be an executable file, further compromising computers by distributing bots, ransomware, RATs, and other malwares.

Kasif found that by manually intercepting and crafting XMPP requests to the WhatsApp servers, it was possible to control the file extension of the contact card file.

He changed the file in .BAT and send to victim. Once the victim download the file code and run on the computer then malicious code gets injected and run

  • Take complete control over the target machine
  • Monitor user's activities
  • Use the target machine to spread viruses

  • NUMBER/GROUPID: the victim’s number or group ID
  • ID: the message ID
  • TIMESTAMP: the timestamp of the sender device
  • FILENAME: the VCARD file name, <something>.exe
  • FILEDATA: the raw data of the file

This vulnerability fixed in the week. 

  • On August 21, 2015 – Vulnerability disclosed to the WhatsApp security team. 
  • August 27, 2015 – WhatsApp rolls out fixed web clients (v0.1.4481)

WhatsApp security team has verified and acknowledged the vulnerability and has rolled out an update to fix the issue in its web clients (v0.1.4481).

Source: CheckPoint


Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer