Investing.com - Financial Markets Worldwide
Black Friday is Now! Don’t miss out on up to 60% OFF InvestingProCLAIM SALE

WhatsApp, Telegram patch flaws in instant messaging applications

Published 03/15/2017, 09:09 AM
Updated 03/15/2017, 09:20 AM
© Reuters. Picture illustration shows Whatsapp's logo reflected in a person's eye, in central Bosnian town of Zenica
CHKP
-
META
-

By Joseph Menn

SAN FRANCISCO (Reuters) - WhatsApp and Telegram patched flaws in their popular instant messaging applications after security researchers showed that they could seize control of user accounts.

Researchers with Check Point Software Technologies (NASDAQ:CHKP) Inc discovered problems with the way the two apps process some types of files without verifying that they do not contain active code that could be malicious.

Flaws in popular instant messaging applications are less common than traditional desktop software. The apps are often used because of their heavy encryption, which has been criticized by some in laws enforcement.

They were able to send files to the web-based versions of the products with malicious code while making it seem to be something else, such as a picture. In WhatsApp's case, once opened by the recipient, the code allowed the researchers to get into the local storage of the user and then access the user's account. From there, they could have sent the same malicious attack to all of the users' contacts.

Telegram's flaw was much more subtle and required "very unusual" behavior by the victim, such as right-clicking on a video and opening a new tab, said spokesman Markus Ra.

There is no evidence that any similar attacks were actually used in the wild against either company's products, he said.

© Reuters. Picture illustration shows Whatsapp's logo reflected in a person's eye, in central Bosnian town of Zenica

"When Check Point reported the issue, we addressed it within a day and released an update of WhatsApp for web," said Anne Yeh, a spokeswoman for that Facebook Inc (NASDAQ:FB) unit. "To ensure that you are using the latest version, please restart your browser.”

Latest comments

Install Our App
Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.