Jump directly to the content
Revealed
I-SPY

WhatsApp bug lets crooks see your PRIVATE files – update the app right now

A SERIOUS flaw in WhatsApp's design made it possible for crooks to rifle through your computer files.

WhatsApp users who own an iPhone are being urged to update their apps immediately to defend against the attack.

A dangerous WhatsApp bug made it possible to snoop on your files
2
A dangerous WhatsApp bug made it possible to snoop on your files

The bug made it possible for hackers to perform a series of clever manoeuvres to read files on your PC or Mac.

It was discovered by PerimeterX cyber-expert Gal Weizman, who the attack in a blog post.

The bug affects iPhone owners who connect their handsets to a computer using WhatsApp Desktop.

This hugely popular app lets you chat with pals or colleagues on a PC or Mac linked to your phone.

The malicious texts would look just like a normal link
2
The malicious texts would look just like a normal linkCredit: PerimeterX

Cyber-whizz Weizman found that he could use JavaScript to access your computer's private files.

This would include sensitive documents, photos or videos.

The attack involved forge malicious links that look like genuine, safe websites inside WhatsApp.

But if you clicked one of these links, it would allow the hacker to "read" files from your computer.

Facebook, which owns WhatsApp, hails the messaging app as being very safe and secure – but this latest bug casts doubt on the claim.

In a statement, a WhatsApp spokesperson said: "We regularly work with leading security researchers to stay ahead of potential threats to our users.

"In this case, we fixed an issue that in theory could have impacted iPhone users that clicked on a malicious link while using WhatsApp on their desktop.

"The bug was promptly fixed and has been applied since mid-December."

How to avoid this WhatsApp hack

WhatsApp fixed the bug in December, so it's important to update your apps to the latest version.

Update the WhatsApp app on your iPhone as well as WhatsApp Desktop on your computer.

It's also worth being savvy about the links you click inside WhatsApp.

Researchers say there are several ways to spot if a WhatsApp message has been tampered with.

"They should look for text that might appear more like a piece of code than like legitimate text.

"The malicious message can only work if it contains the text “javascript:”, so users should be wary of this slip-up if code is visible.

"Users should exercise caution and avoid opening any links sent by unknown accounts.

"Preview banners and URLs can be misleading—even if these seem to be legitimate, users should only open them when received from a trusted source."

WhatsApp also confirmed that it had seen no evidence of this bug being abused.

 

WhatsApp trick reveals exact number of texts you’ve sent to pals

WhatsApp – a quick history

Here's what you need to know...

  • WhatsApp was created in 2009 by computer programmers Brian Acton and Jan Koum - former employees of Yahoo
  • It's one of the most popular messaging services in the world
  • Koum came up with the name WhatsApp because it sounded like "what's up"
  • After a number of tweaks the app was released with a messaging component in June 2009, with 250,000 active users
  • It was originally free but switched to a paid service to avoid growing too fast. Then in 2016, it became free again for all users
  • Facebook bought WhatsApp Inc in February 2014 for $19.3billion (£14.64bn)
  • The app is particularly popular because all messages are encrypted during transit, shutting out snoopers
  • As of January 2018, WhatsApp has over 1.5billion users globally

#

MOST READ IN TECH

AI Nostradamus predicts cyber war in 2025 prophecies… & it’s bad news for Putin
ALL SEEING

AI Nostradamus predicts cyber war in 2025 prophecies… & it’s bad news for Putin

Amazon Prime change branded 'unbearable' & you'll need to pay to avoid it
AMAZ-OFF

Amazon Prime change branded 'unbearable' & you'll need to pay to avoid it

Saturn's vanishing rings & intense Northern Lights - 5 space spectacles for 2025
STARSTRUCK

Saturn's vanishing rings & intense Northern Lights - 5 space spectacles for 2025

Forgotten trick allows Virgin Media viewers to unlock EXTRA TV channels for FREE
FREE TV

Forgotten trick allows Virgin Media viewers to unlock EXTRA TV channels for FREE

In other news, we reveal how to tell if someone has blocked you on WhatsApp.

Find out some of the best WhatsApp tricks you can try today.

WhatsApp is about to start showing you ads, and people are threatening to delete their accounts.

And we recently revealed the new WhatsApp features coming to your phone in 2020.

Do you trust Facebook and WhatsApp to protect your privacy? Let us know in the comments!

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]

Topics
YOU MIGHT LIKE
RECOMMENDED FOR YOU
MORE FOR YOU