WhatsApp for Web "MaliciousCard" Vulnerability (Check Point Research)

Ink

BLOG.CHECKPOINT.COM - WhatsApp “MaliciousCard” Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users | Check Point Blog

Check Point security researcher Kasif Dekel recently discovered significant vulnerabilities which exploit the WhatsApp Web logic and allow attackers to trick victims into executing arbitrary code on their machines in a new and sophisticated way.

All an attacker needed to do to exploit the vulnerability was to send a user a seemingly innocent vCard containing malicious code. Once opened, the alleged contact is revealed to be an executable file, further compromising computers by distributing bots, ransomware, RATs, and other malware.

To target an individual, all an attacker needs is the phone number associated with the account.

WhatsApp verified and acknowledged the security issue and has deployed the fix in web clients world-wide. To make sure you are protected, update your WhatsApp Web right now.

Check Point shared its discovery with WhatsApp on August 21, 2015. On August 27, WhatsApp rolled out the initial fix (in all versions greater than 0.1.4481) and blocked that particular feature.


Disclosure Timeline
  • August 21, 2015 – Vulnerability disclosed to the WhatsApp security team.
  • August 23, 2015 – First response received.
  • August 27, 2015 – WhatsApp rolls out fixed web clients (v0.1.4481)
  • September 8, 2015 – Public disclosure

Conclusions
“Thankfully, WhatsApp responded quickly and responsibly to deploy an initial mitigation against exploitation of this issue in all web clients, pending an update of the WhatsApp client,” said Oded Vanunu, Security Research Group Manager at Check Point.
We applaud WhatsApp for such proper responses, and wish more vendors would handle security issues in this professional manner.
 
