Beware of this new WhatsApp security flaw

Check Point has urged WhatsApp Web users to update the PC-based messaging service following the discovery of security vulnerabilities – which could lead to a user’s computer being infected with malware and ransomware.

WhatsApp Web is an extension of the WhatsApp application on smartphones, which mirrors all messages sent and received on a user’s phone and desktop computer.

At least 200 million people are estimated to use WhatsApp Web, said Check Point.

“To target an individual, all an attacker needs is the phone number associated with the account. The vulnerability lies in improper filtering of contact cards, sent utilising the popular vCard format,” said Check Point.

WhatsApp Web

“As you can see (above), this message appears legitimate, like any other contact card; most users would click it without giving it a second thought.”

Once opened, the “contact” is revealed to be an executable file – which can distribute ransomware, RATs, and other malwares.

“The implication of this action is downloading a file which can run arbitrary code on the victim’s machine”.

WhatsApp Web
To run malicious code from the “vCard” file, an attacker injects a command to the name attribute, separated by the ‘&’ character.

“When executed, Windows will attempt to run all lines in the files, including the injection line. Once this type of contact is created, all an attacker has to do is share it via the normal WhatsApp client.”

“WhatsApp has acknowledged the security issue and has deployed a fix. To make sure you are protected, update your WhatsApp Web right now.”

More WhatsApp news

New cheap WhatsApp bundle from Cell C launched

Beware of these WhatsApp scams and tricks in South Africa

Latest news

Partner Content

Show comments

Recommended

Share this article
Beware of this new WhatsApp security flaw