{"id":202936,"date":"2017-03-16T07:38:29","date_gmt":"2017-03-16T05:38:29","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=202936"},"modified":"2017-03-16T07:40:34","modified_gmt":"2017-03-16T05:40:34","slug":"whatsapp-web-security-flaw-discovered","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/202936-whatsapp-web-security-flaw-discovered.html","title":{"rendered":"WhatsApp Web security flaw discovered"},"content":{"rendered":"<p>Security firm Check Point has <a href=\"http:\/\/blog.checkpoint.com\/2017\/03\/15\/check-point-discloses-vulnerability-whatsapp-telegram\/\" target=\"_blank\"><strong>found a bug<\/strong><\/a> in the web versions of WhatsApp and Telegram, which could be exploited to access chats and media.<\/p>\n<p>The two messaging apps fixed the vulnerability following its disclosure on 8 March.<\/p>\n<p>&#8220;The exploitation of this vulnerability starts with the attacker sending an innocent-looking file to the victim, which contains malicious code,&#8221; said Check Point.<\/p>\n<p>&#8220;Once the user clicks to open it, the malicious file allows the attacker to access WhatsApp\u2019s and Telegram\u2019s local storage, where user data is stored&#8221;.<\/p>\n<p>An attacker can also send a malicious HTML file to a user&#8217;s contacts, which could not be prevented due to the apps&#8217; end-to-end encryption.<\/p>\n<p>A full breakdown of the vulnerability is <a href=\"http:\/\/blog.checkpoint.com\/2017\/03\/15\/check-point-discloses-vulnerability-whatsapp-telegram\/\" target=\"_blank\"><strong>available here<\/strong><\/a>.<\/p>\n<p>Videos of the vulnerability being exploited are posted below.<\/p>\n<h3 class=\"my-4\">WhatsApp Web Account Takeover<\/h3>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/UR_i5XSAKrg\" width=\"640\" height=\"360\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<h3 class=\"my-4\">Telegram Web Account Takeover<\/h3>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/26Ih4xTcP-E\" width=\"640\" height=\"360\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/security\/202854-big-twitter-hack-swastikas-and-propaganda-for-turkish-president.html\" rel=\"bookmark\">Big Twitter hack \u2013 Swastikas and propaganda for Turkish president<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Security firm Check Point has found a bug in the web versions of WhatsApp and Telegram, which could be exploited to access chats and media.<\/p>\n","protected":false},"author":23,"featured_media":164658,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[15511,23753,2594],"class_list":["post-202936","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-security-flaw","tag-telegram","tag-whatsapp"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/202936"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=202936"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/202936\/revisions"}],"predecessor-version":[{"id":202938,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/202936\/revisions\/202938"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/164658"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=202936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=202936"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=202936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}