Researchers from the cybersecurity firm Symantec have found a vulnerability that could allow WhatsApp media files to be hacked by the hackers. The flaw is called Media File Jacking. It affects WhatsApp on Android if certain features are already enabled.
When a user receives a media file, could be a picture or a video, there’s a delay in receiving the media before it’s stored in the phone’s memory.
This delay allows hackers to penetrate the Android phone and manipulate media files without the user getting to know what’s been done to their phone. The malware if injected, can manipulate the photo and also steal the necessary information.
In the following media clip, a WhatsApp user sent a photo of two friends, and the malware on the recipient’s device automatically replaced it with the actor Nicolas Cage over their faces. Imagine the possibility here, if an image can be altered, what else could be done?
The end-to-end encryption perhaps isn’t that all secure, especially for the Android phones as they are easy to hack. We already had a bug in WhatsApp a year back that allowed hackers to install malware through a simple phone call and compromising the phone.
The same malware is also affecting Telegram users too. Both WhatsApp and Telegram are collectively used by 1.5 billion people.
How to secure yourself if you are an Android user?
Change the settings right away.
- On WhatsApp, go to settings and turn off “Media Visibility.”
- On Telegram, turn off “Save to Gallery.” Do not allow the media to autosave on your smartphone.