Check Point has urged WhatsApp Web users to update the PC-based messaging service following the discovery of security vulnerabilities that could lead to a user’s computer being infected with malware and ransomware.
WhatsApp Web is an extension of the WhatsApp application on smartphones, which mirrors all messages sent and received on a user’s phone and desktop computer.
At least 200 million people are estimated to use WhatsApp Web, said Check Point.
“To target an individual, all an attacker needs is the phone number associated with the account. The vulnerability lies in improper filtering of contact cards, sent utilising the popular vCard format,” said Check Point.
“As you can see (above), this message appears legitimate, like any other contact card; most users would click it without giving it a second thought.”
Once opened, the “contact” is revealed to be an executable file, which can distribute ransomware, RATs, and other malware.
“The implication of this action is downloading a file which can run arbitrary code on the victim’s machine.”
“When executed, Windows will attempt to run all lines in the files, including the injection line. Once this type of contact is created, all an attacker has to do is share it via the normal WhatsApp client.”
“WhatsApp has acknowledged the security issue and has deployed a fix. To make sure you are protected, update your WhatsApp Web right now.”
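
The filtering that Check Point describes as missing can be illustrated with a strict contact-card check run before a card is offered for download. This is an added example, not WhatsApp's fix or Check Point's code: the function name `validateContactCard`, the property allowlist and the sample cards are assumptions constructed for illustration.

```javascript
// Added example: names and rules below are assumptions, not WhatsApp's actual fix.
// Conservative subset of vCard properties accepted in a shared contact card.
const ALLOWED_PROPS = new Set([
  "VERSION", "FN", "N", "NICKNAME", "TEL", "EMAIL", "ADR",
  "ORG", "TITLE", "URL", "NOTE", "BDAY", "PHOTO", "REV", "UID",
]);
// vCard content line: [group.]NAME[;params]:value
const CONTENT_LINE = /^(?:[A-Za-z0-9-]+\.)?([A-Za-z0-9-]+)(?:;[^:]*)?:(.*)$/;

function validateContactCard(filename, body) {
  const problems = [];
  // 1. The saved file must be a plain .vcf name, so the OS never treats it as a script.
  if (!/^[^\\/:*?"<>|\x00-\x1f]+\.vcf$/i.test(filename)) {
    problems.push("filename must end in .vcf");
  }
  // 2. Unfold continuation lines (newline followed by space or tab), then split.
  const lines = body.replace(/\r?\n[ \t]/g, "").split(/\r?\n/).filter((l) => l !== "");
  const first = (lines[0] || "").toUpperCase();
  const last = (lines[lines.length - 1] || "").toUpperCase();
  if (lines.length < 2 || first !== "BEGIN:VCARD" || last !== "END:VCARD") {
    problems.push("not wrapped in BEGIN:VCARD / END:VCARD");
  }
  // 3. Every inner line must be a known property; anything else is rejected,
  //    so a stray command line cannot ride along inside the card.
  lines.slice(1, -1).forEach((line, i) => {
    const m = CONTENT_LINE.exec(line);
    const name = m ? m[1].toUpperCase() : "";
    if (!m || !(ALLOWED_PROPS.has(name) || name.startsWith("X-"))) {
      problems.push(`line ${i + 2}: not an allowed vCard property`);
    }
  });
  return { ok: problems.length === 0, problems };
}

// Constructed samples: a well-formed card, and one carrying an extra non-vCard line.
const GOOD_CARD =
  "BEGIN:VCARD\r\nVERSION:3.0\r\nFN:Alice Example\r\nTEL;TYPE=CELL:+10000000000\r\nEND:VCARD\r\n";
const BAD_CARD =
  "BEGIN:VCARD\r\nVERSION:3.0\r\nFN:Alice Example\r\necho injected\r\nEND:VCARD\r\n";

console.log(validateContactCard("Alice Example.vcf", GOOD_CARD));
console.log(validateContactCard("Alice Example.bat", GOOD_CARD));
console.log(validateContactCard("Alice Example.vcf", BAD_CARD));
```

Both checks matter: the extension check stops the card being saved as something Windows will execute, and the line check rejects content that is not contact data.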