WhatsApp recently announced that they are having nearly 900 million active users and yes it is one such message service that almost replaced the default messaging option in mobile phone. Recently a vulnerability has been revealed that makes an attacker easy to hack WhatsApp account.
#WhatsApp Web is one such feature rolled out by the team which allows the users to check their messages through web client and it is also made available for iPhone users recently.
The vulnerability that has been revealed put around 200 million user accounts vulnerable and the malicious actions that can be taken by an attackers are
Take complete control over the system
Install any application or software
RAT (Remote Administration Tool) installation
Turning the system into a BOT.
The vulnerability resides in the feature that allows users to share the contact via Vcard. WhatsApp accepts any Vcard in the form of .Bat (Batch) file and through this the account can be used to hack a system.
To exploit the vulnerability an attacker needs to send the malicious code containing file in the name of Vcard to the victim or the target, the moment he / she opens the file the code will be executed and the account can be used to hack the system.
WhatsApp has been notified about this vulnerability and the patch has been made and the new version has been rolled out.
Versions before V0.1.4481 is vulnerable and so the users are recommended to update their WhatsApp as soon as possible to avoid cyber attacks.
P.S : The post is to create awareness and not to be misused.
No comments:
Post a Comment