tech news

WhatsApp Web flaw lets cyber criminals access their victims’ files remotely

A safety flaw has been found on WhatsApp Internet, the place cyber criminals can ship bogus messages that will give them entry to recordsdata on a sufferer’s laptop.

Safety researcher Gal Weizman, who found the flaw, defined that the malicious hyperlink might be hidden behind a misleading message, made to appear to be a hyperlink to an abnormal web site.

As soon as customers click on on the hyperlink, it might launch a script that permits the attacker to retrieve recordsdata from the compromised laptop and probably open a backdoor to create extra bother.

He famous that the exploit was as a consequence of WhatsApp desktop being developed by Fb utilizing the Electron software program framework.

Electron is utilized by builders to create cross-platform apps based mostly on browser applied sciences, and on this case it used an outdated model of the Chrome browser’s Chromium engine, Chrome 69.

The newer variations of the Chromium engine – Chrome 78 and up – are in a position to catch the malicious code.

ArsTechnica reported that the vulnerability impacts WhatsApp Desktop variations 0.3.9309 and earlier, for iPhone customers who paired the desktop app with the iOS model of WhatsApp that is older than 2.20.10.

Fb has since created a patch to repair this subject.

Customers are beneficial to replace the WhatsApp app on their laptop and the smartphone they use to connect with WhatsApp Internet.

Leave a Reply

Your email address will not be published. Required fields are marked *