Great response by WhatsApp! It has been classified that one of the bug in the messenger’s web version app allows hackers to distribute malware and could put up to 200 million users at risk. By responding to that vulnerability, WhatsApp has immediately issued a patch to fix the flaw.
The discovered flaw affcts only the WhatsApp Web Client users who use the service, by allowing intruders to spread spyware, malware, including ransomware, which demands victims pay a feww to regain access to their files. Check Point urged users to update their WhatsApp software immediately to take advantage of the fix.
How Ransomware affects and gain access? However, the WhatsApp web app is a mirror version of its mobileapp, enabling all messages, images and other content received on a smartphone to be quickly accessed from the web browser. According to the statistics, released by the firm this year, there are currently 2000 million active users of the web app. This compares to 900 million users of the smartphone app.
Point to be noted, that the vulnerability was caused by the way the service handles contacts sent in the vCard (virtual card) format. All a hacker needed to do to send a virtual business card that looked legitimate was know their target’s mobile number. Once opened the vCard could distribute malicious code. That’s it! Result is in front, the hacker makes it easier to get hold of mobile numbers that have been disclosed via other breachers.
“Bearing in mind that WhatsApp is a cross-platform mobile messaging app, the chances of you opening a vCard sent to you is quite high,” commented Mark James, a specialist at security firm ESET.
“Once opened it could attempt to download and infect your system with ransomware.”
It was alerted WhatsApp about the problem on 21 August and a week later it issued a fix. Now it’s time to get rid of this flaw and WhatsApp Web Client issues.