The Facebook messaging app recognized and fixed a major vulnerability that gave hackers the ability to access files on the victim's computer.
All you had to do to become a victim of this attack was to click on a disguised link view sent by the messaging app. In other words, it would have been an easy mistake for any user.
Importantly, this did not affect all WhatsApp users. Instead, a WhatsApp user had to have the iOS version of the messaging app paired with a WhatsApp desktop app for PC or MacOS.
"A vulnerability in WhatsApp Desktop, when combined with WhatsApp for iPhone, allows cross-site scripting and local file reading", reports a Facebook bug report.
"Exploiting the vulnerability requires the victim to click on a link to view a specially crafted text message."
In a blog post, dated yesterday, February 4, the security researcher who discovered and disclosed the vulnerability detailed his process and noted that WhatsApp should really be more careful with the updates and security of the app.
"This is 2020!", wrote Gal Weizman.
"No product should allow a complete reading of the file system and, potentially, remote code execution from a single message."
When searching for information with Facebook about the number of people who were vulnerable to this attack, we did not receive an immediate response and thus proceeded to the publication of this text.
WhatsApp vulnerabilities could have serious consequences, in the past month, a security company hired by Amazon CEO Jeff Bezos, said in a report that the CEO's phone may have been hacked after receiving a malicious message via WhatsApp. And although Bezos be well, people with less power and resources who are victims of similar attacks may not do so well.
Facebook is aware of this, but suggests that at least part of the blame must be elsewhere. After the news of Bezos' hacked phone, the company's vice president in Europe, Middle East and Africa, Nicola Mendelsohn, suggested Bloomberg that the problem may be Apple.
"One of the things that stands out is, in fact, some of the possible underlying vulnerabilities that exist in real phone operating systems", said Mendelsohn publication.
"From the point of view of WhatsApp, from the point of view of Facebook, what matters most to us, what we invest in ensuring that the information that people have with us is safe and protected".
Yes, that is great, in fact an obligation! But perhaps that should include a ban on malicious texts that allow hackers to access victims' computers, right?
In the meantime I continue using Telegram to work and chat with friends. All that remains on Whatsapp is the family group and some friends who insist on using Whatsapp, "because nobody uses this Telegram", do you speak or do I speak ?!
We recommend reading: