Researchers from the cybersecurity firm Symantec have discovered an exploit that could allow WhatsApp and Telegram media files to be compromised by hackers.
How it Works
The flaw, creatively named “Media File Jacking”, affects WhatsApp and Telegram on Android if certain features are enabled. When you receive a photo or a video, there is a short delay between when the file is received and when it is stored in your phone’s memory.
This crucial time gap allows hackers to intervene and manipulate media files without the user’s knowledge.
Once the user has sent a media file, malware can be used to tamper with the photo. For example, the malware could change numbers in a photo of an invoice, to scam victims into giving money to the wrong person.
In a demo clip, a person sent a photo of two friends, and the malware on the recipient’s device automatically altered it, placing the face of the actor Nicolas Cage over theirs.
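One way a receiving app could detect this kind of tampering, shown as an added example that is not part of the original article or of either app's code: record a digest of each media file in app-private storage as it arrives, then re-check the file in shared storage before displaying it. The `MediaStore` class, the directory layout, and the sample bytes are hypothetical and constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path):
    """Stream the file through SHA-256 so large videos are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


class MediaStore:
    """Hypothetical receiver: media goes to a shared directory that other
    apps can write to; digests go to a private directory they cannot."""

    def __init__(self, shared_dir, private_dir):
        self.shared_dir = Path(shared_dir)
        self.manifest = Path(private_dir) / "digests.json"

    def _load(self):
        return json.loads(self.manifest.read_text()) if self.manifest.exists() else {}

    def receive(self, name, decrypted):
        # Digest the bytes still in memory, before they touch shared storage.
        digests = self._load()
        digests[name] = hashlib.sha256(decrypted).hexdigest()
        self.manifest.write_text(json.dumps(digests))
        path = self.shared_dir / name
        path.write_bytes(decrypted)
        return path

    def verify_before_display(self, name):
        expected = self._load().get(name)
        path = self.shared_dir / name
        if expected is None or not path.is_file():
            return False  # unknown or missing file: do not show it
        return expected == sha256_file(path)


def demo():
    with tempfile.TemporaryDirectory() as shared, tempfile.TemporaryDirectory() as private:
        store = MediaStore(shared, private)
        path = store.receive("invoice.jpg", b"constructed sample: pay account 1111")
        untouched = store.verify_before_display("invoice.jpg")
        # Constructed stand-in for another app rewriting the file in the gap.
        path.write_bytes(b"constructed sample: pay account 9999")
        return untouched, store.verify_before_display("invoice.jpg")
```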
Symantec notes that while end-to-end encryption helps secure the file in transit, it doesn’t mean that the chat apps themselves are immune. Earlier this year, reports disclosed a WhatsApp flaw that allowed hackers to install spyware on the phone via a simple phone call.
WhatsApp and Telegram are collectively used by 1.5 billion people. Before going public with the discovery, Symantec notified Telegram and Facebook/WhatsApp about the Media File Jacking vulnerability. Neither of them has responded so far.
How to Protect Yourself
If you’re using these apps, you can protect yourself from the exploit by changing the settings. On WhatsApp, you can do this by going to Settings and turning off “Media Visibility.” On Telegram, you can protect yourself by turning off “Save to Gallery.”
If you want more details on the newly discovered vulnerability, you can check out the full report here.