Security16.03.2017

WhatsApp Web security flaw discovered

By Staff Writer

Security firm Check Point has found a bug in the web versions of WhatsApp and Telegram, which could be exploited to access chats and media.

The two messaging apps fixed the vulnerability following its disclosure on 8 March.

“The exploitation of this vulnerability starts with the attacker sending an innocent-looking file to the victim, which contains malicious code,” said Check Point.

“Once the user clicks to open it, the malicious file allows the attacker to access WhatsApp’s and Telegram’s local storage, where user data is stored”.

An attacker can also send a malicious HTML file to a user’s contacts, which could not be prevented due to the apps’ end-to-end encryption.

A full breakdown of the vulnerability is available here.

Videos of the vulnerability being exploited are posted below.

WhatsApp Web Account Takeover

Telegram Web Account Takeover

Now read: Big Twitter hack – Swastikas and propaganda for Turkish president

Don't miss the latest news

Show comments

Forum discussion

WhatsApp Web security flaw discovered

WhatsApp Web Account Takeover

Telegram Web Account Takeover

Now read: Big Twitter hack – Swastikas and propaganda for Turkish president

Latest news

End of an era for DStv

Amazon in R1.98-billion deal involving 180 million of a unique shrub in South Africa

New laws coming for online gambling in South Africa

The Spirit of 1976 Lives in Today’s Lifesavers

Openserve launches 1Gbps fibre-to-the-home

Digital IDs are coming to South Africa, here’s what comes after

Next-gen education: Zila Tech drives transformation with Google Education and Chromebooks

Former Vodacom heavyweight has a message about Starlink in South Africa

Vodacom taking control of R172.7-billion company

More news

Vumatel goes from zero to hero

South Africa’s new traffic fine system is not ready

Capitec Connect data from R6 for every Bafana fan

What’s Next — Lexus’s Riaan Esterhuysen discusses the future of luxury EVs in South Africa

Dis-Chem spent R330 million on digital upgrades and is launching a new mobile app

ZTE and GSMA Announce Co-location Between ZTE Global Summit & User Congress and GSMA M360 ASEAN at MWC26 Shanghai

Delivery platform started in 1992 taking on Checkers Sixty60 in South Africa

SABC secret weapon goes from zero to over 2 million in under 2 years

Trending news

Hollywoodbets finally says the quiet part out loud

Uber and Bolt drivers warned to avoid airports and townships

The unique township cellphone shop that brings dead or water-damaged phones back to life

The best software development partner in South Africa

President Cyril Ramaphosa signs off launch date for new traffic fine laws for South Africa

ICASA lays out exactly what Starlink must do to operate in South Africa

From zero to 1 million in one month

State-owned IT firm on hiring spree in South Africa and paying up to R3 million

Telkom spends R85 million to train 1,100 learners

Industry News

Is Your Software an Asset or a Liability?

Synthesis wins Digicloud Africa Google SecOps challenge, strengthening its Google Cloud security credentials

South Africans are getting paid every Friday for buying groceries and fuel

Vodacom and Amazon SA Launch First-of-Its-Kind Partnership in South Africa

How to make the most of the winter holidays without leaving home

Poll