Pável Dúrov, one of the creators of Telegram, does not miss the opportunity to say it whenever he can: WhatsApp is riddled with security breaches (You can read his manifesto HERE). Without going to the extreme of Pável, who considers the Facebook messaging app a full-fledged Trojan, the truth is that WhatsApp is a real candy for hackers: it is used by billions of people and therefore the impact of their actions they tend to be global in scope.
5 techniques with which a cybercriminal could hack into a WhatsApp account
Leaving aside all the security problems that WhatsApp may have (and understanding that these problems are solved through app updates), the truth is that there are several ways in which the integrity and privacy of our conversations can be compromised. These are some of the most prominent.
1- Remote code execution through a GIF
Just a month ago, in October 2019, the security researcher "Awakened" explained in a Github post how he had detected a security flaw in WhatsApp for Android that allowed hackers to take control of it by sending a simple GIF.
The hack takes advantage of how WhatsApp processes images: when the system tries to show a GIF preview, it analyzes the entire GIF instead of just choosing the first image. Since GIF files are a sequence of images one after another, this allows the hacker enter code between one image and another. What happens then? That when WhatsApp tries to preview the GIF that the hacker has sent, by analyzing the “complete package” of the GIF (images + code in between), the user is infected without even opening the GIF in question.
Fortunately, according to Awakened himself, after notifying the problem to Facebook, it has been corrected by means of a patch in a recent update (more specifically, in version 2.19.244 of WhatsApp for Android).
2- Social engineering attacks
Social engineering attacks take advantage of human psychology to steal information or spread hoaxes and fake news. This security breach that we comment on below was discovered by Check Point Research, and in it it takes advantage of the "quote" function used in WhatsApp to reply or send a reply to a specific message in a chat.
The trick is basically to reply to a message but modifying the sender's text. For this, the web version of WhatsApp is used to decrypt the messages using the Burp decoder as an intermediary. In this short explanatory video we can see its operation more clearly.
Although this vulnerability was discovered in 2018, no patch has yet been implemented to fix the problem, according to ZDNet in THIS POST from August 2019.
3- The Pegasus voice call
This is an attack that is carried out by making a voice call through WhatsApp. The scariest thing of all is that we don't even need to answer the call, it can infect the user without even knowing it.
The method used for this attack is what is known as "stack overflow", and consists of introducing a large amount of code in a small buffer, in such a way that it overflows and ends up writing that code in places that it should not be able to to access.
In this case, the hacker introduces a malware called "Pegasus" which is capable of accessing the victim's messages, calls, photos and videos.
This attack was used by an Israeli company, accused of spying on organizations such as Amnesty International and other groups of activists in favor of human rights. WhatsApp has already patched the application to prevent this type of attack, but if you have a version of WhatsApp for Android prior to 2.19.134, or a version prior to 2.19.51 on iOS, it is best to update as soon as possible.
4- The trick of the change
This other type of attack is known as “multimedia file hijacking”, which takes advantage of a vulnerability present in most messaging apps, such as WhatsApp and Telegram.
Here the hacker would insert the malicious code into an application that is harmless in principle, and once the victim has installed it, they would listen. Thus, when the user receives a photo or video by WhatsApp and it goes to their Gallery, the app would be able to grab the incoming file and replace it for another completely different file.
According to Symantec, this is a hoax that can be used to spread false news and encourage misinformation. In any case, it is a "hack" that we can easily prevent by entering the WhatsApp settings, in "Settings -> Chats”And deactivating the tab“Media file visibility”.
5- Hello, Facebook… are you there?
Finally, we cannot close this post without mentioning Facebook itself. Although WhatsApp uses end-to-end encryption to protect the content of everything we send through WhatsApp, there are many voices that believe that the company of the big F could be spying on part of the conversations.
This is because, as indicated by the developer Gregorio Zanon, although WhatsApp uses end-to-end encryption, in versions of iOS 8 and higher, apps use what is known as “shared containers” where they can access certain files .
Both Facebook and WhatsApp use the same shared container on the devices. And although at the moment of truth the chats are sent perfectly encrypted through the application, that does not mean that they are encrypted on the source device.
It should be clear, however, that there is no evidence that Facebook is reading private WhatsApp messages (although it potentially has the possibility of doing so). What's more, the company has always placed special emphasis on protecting user privacy, through its privacy policy and through posts such as ESTA on the application's official blog.
You have Telegram installed? Receive the best post of each day on our channel. Or if you prefer, find out everything from our Facebook page.
