WhatsApp Hits 900 Million Users, Experiences Security Breach
Security researchers at CheckPoint Software have discovered a security vulnerability in the web-based version of the popular WhatsApp application. WhatsApp is a mobile messenger application and WhatsApp Web is the web-based extension of the phone app which allows users to synchronize their messages across their mobile devices and desktop computers. According to CheckPoint’s website, “researcher Kasif Dekel recently discovered significant vulnerabilities which exploit the WhatsApp Web logic and allow attackers to trick victims into executing arbitrary code on their machines in a new and sophisticated way."
The vulnerability in question utlizied the vCard format to potentially send a user a file containing a malicious code. A vCard is the standard file format for an electronic business card which can be attached to messages. Typically vCards contain contact information, URLs, images and audio clips but in this case, the format could be exploited to infect unsuspecting users with multiple malicious programs, including viruses, ransomware, etc. WhatsApp was notified of the issue before CheckPoint went public with its findings and deployed an update to its users – without the update, your WhatsApp web client may still be vulnerable to the security breach.
WhatsApp is a mobile application that is used to share text, image, video and audio messages as well as location information with other users. It was purchased by Facebook in 2014. As of January 2015, it was the most popular messaging app in the world with more than 600 million active users and reached 900 million users this month. Earlier this year, the Electronic Frontier Foundation gave WhatsApp a failing grade for failing to protect user data.