Gadgets

This WhatsApp bug could screw millions of us over

Have you got WhatsApp? Of course you have, you're a modern man with busy social life - silly of us to ask.

But do you use the web extension of WhatsApp? A net-based clone of the app that allows you to message from your desktop and retrieve the conversations, images and files stored on your phone?

Then you're going to want to update your version of WhatsApp, pronto.

Security firm Check Point has discovered a serious flaw in the security of the web version of WhatsApp that can allow hackers to readily distribute malware - including the rather malicious 'ransomware', which can pinch files, contacts and conversation data.

A hacker can gain access to a user's data by sending a WhatsApp user a malicious vCard (one of those virtual contact cards with a person's phone number, email etc). Once the vCard was accepted and installed by the user, it could then distribute software that would allow the hacker to retrieve data from the web version of the service.

Having pinched a user's data with ransomware, a hacker can demand the victim to pay a fee to regain their data should they have discovered any compromising information.

Check Point notified WhatsApp as soon as it discovered the security flaw, which leaves the 200 million users of the web version of its messaging service vulnerable to attack. WhatsApp duly issued a patch, which users are urged to install.

So, update your WhatsApp software, install the patch, and don't go accepting any unknown vCard requests. And if you're still paranoid? Stick to good old SMS.

[Via: BBC]