WhatsApp vulnerable, 200 million users vulnerable to attacks

Kasif Dekel, Check Point's expert in the field of computer systems security, has recently discovered an important vulnerability using the mechanism of the WhatsApp communicator. To perform an attack, just send an innocent-looking vCard with a specially crafted code. After opening the business card, it turns out that the alleged contact data is an executable program that also poses a threat to other computers by installing bots, user blackmail viruses, RAT programs that allow the attacker to take remote control of the computer and other malware.

An attack requires only knowing the phone number assigned to the account . The WhatsApp representative confirmed the existence of the threat and announced the publication of a patch that users on the devices can install on their devices around the world. To avoid a threat, you should update your WhatsApp instantaneously.

Check Point has informed WhatsApp about the threat of August 21, 2015. On August 27, WhatsApp released the first patch (for all versions newer than 0.1.4481) and blocked the attack feature.

WhatsApp Web allows users to view files and attachments of any type that can be sent and viewed using a mobile platform / application. These include photos, video and audio files, location data and business cards.

Kasif discovered that to cause the malicious code to be executed, the attacker only needs to insert the command in the vCard file for the name attribute after the " & " character. By opening this crafted file, the Windows operating system tries to run the code from each line, including the code inserted by the attacker.

WhatsApp is a cross-platform instant messenger, available for Android, iOS, Windows Phone, Symbian and BlackBerry OS. In February 2014, the application was purchased by Facebook, for a total of 19 billion dollars and is the most expensive purchase of a company from Menlo Park. At the beginning of September this year WhatsApp has exceeded 900 million active users, of which at least 200 million use the web version.

More information at:

source: Check Point

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.