Bug discovered in WhatsApp: how your photos can be manipulated before they arrive
WhatsApp is by far one of the most widely used applications in the world. It has more than 1.5 billion registered profiles and is an indispensable tool in digital communications. That is why its outages and, of course, its technical failures remain a cause for concern. Two years ago, after much criticism, the app implemented an end-to-end security system that promises great security for conversations.
But cybercriminals are skilled. They always find some way to penetrate systems. An investigation by the security firm Symantec has uncovered evidence of a significant vulnerability that allows a malicious person to manipulate sent images and videos before they reach their intended recipient. This security flaw, called “Media File Jacking”, affects WhatsApp for Android by default and Telegram for Android if certain functions are enabled. It also allows audio files to be modified.
The problem only affects the Android versions of the apps; Android is the most widely used mobile operating system in the world. It is an image-hijacking attack and, according to the researchers, stems from the way these services store files. Both applications save the images users receive without an identification string that indicates whether they have been altered by a third-party application.
It is an opportunity that, well exploited, can sow confusion among users. The researchers explain that the flaw is due to the time that elapses between the moment the files are received and the moment they are loaded into the applications' chat interface for users to view. In other words, from the moment users ask to download an image to view it, the image can be intercepted and, therefore, people’s privacy may be at risk.
“This critical time frame presents an opportunity for cybercriminals to intervene and manipulate media files without the user’s knowledge. If the security flaw is exploited, an attacker could manipulate confidential information, such as personal photos and videos, corporate documents, invoices and voice notes,” say Yair Amit and Alon Gat, authors of the investigation, in a statement.
Experts believe that although end-to-end encryption is an effective mechanism to ensure the security of communications, it is not sufficient if there are vulnerabilities in the programming code. “What we discovered in the research is that attackers can successfully manipulate multimedia files by taking advantage of the logical failures of the applications, which occur before or after the content has been encrypted,” the researchers add.
By default, WhatsApp stores the media files a device receives on external storage, in the following path: /storage/emulated/0/WhatsApp/Media. In Telegram, if a user enables the “Save to Gallery” function, assuming it is safe and without understanding its indirect ramifications, the app will store the content of the files in a similar way in: /storage/emulated/0/Telegram/. The problem, the researchers emphasize, is that both are public directories: “applications load files received from public directories for users to see in the chat interface when they enter the corresponding chat,” they point out.
Therefore, storing files on external storage and loading them from there without proper security mechanisms can put the integrity of media files at risk. If the attacker accesses the files first (this can happen in real time if malware monitors public directories for changes), recipients will see the tampered files before they see the originals. The thumbnail that appears in the notification users see will also show the manipulated image or file, so recipients will have no indication that the files have been changed. Experts believe that, to avoid this possible problem, it is preferable to save the images in a “cloud” storage service or on the device itself.
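An added example, not taken from the original article or from either app's code: one way an app could notice the change described above is to record a digest of each received file in app-private storage and re-check it before the file is displayed. The class name, the file names and the temporary directories standing in for shared and private storage are assumptions made for the sketch.

```python
import hashlib
import json
import tempfile
from pathlib import Path

class VerifiedMediaStore:
    """Writes media to a shared directory and keeps SHA-256 digests in a private one."""

    def __init__(self, public_dir: Path, private_dir: Path):
        self.public_dir = public_dir  # stand-in for a shared path such as .../WhatsApp/Media
        self.index = private_dir / "media_digests.json"  # stand-in for app-private storage
        self.public_dir.mkdir(parents=True, exist_ok=True)
        private_dir.mkdir(parents=True, exist_ok=True)

    def _load_index(self) -> dict:
        return json.loads(self.index.read_text()) if self.index.exists() else {}

    def save_received(self, name: str, data: bytes) -> Path:
        """Record the digest of the decrypted bytes before they reach shared storage."""
        digests = self._load_index()
        digests[name] = hashlib.sha256(data).hexdigest()
        self.index.write_text(json.dumps(digests))
        path = self.public_dir / name
        path.write_bytes(data)
        return path

    def load_for_display(self, name: str) -> bytes:
        """Re-hash at render time; refuse files that changed or were never recorded."""
        expected = self._load_index().get(name)
        if expected is None:
            raise ValueError(f"{name}: no recorded digest")
        data = (self.public_dir / name).read_bytes()
        if hashlib.sha256(data).hexdigest() != expected:
            raise ValueError(f"{name}: modified after receipt")
        return data

def demo() -> tuple:
    """Returns (untouched file accepted, altered file rejected) on constructed data."""
    original = b"constructed original bytes"
    with tempfile.TemporaryDirectory() as tmp:
        store = VerifiedMediaStore(Path(tmp) / "public", Path(tmp) / "private")
        path = store.save_received("IMG-0001.jpg", original)
        accepted = store.load_for_display("IMG-0001.jpg") == original
        path.write_bytes(b"constructed altered bytes")  # change made in the shared directory
        try:
            store.load_for_display("IMG-0001.jpg")
        except ValueError:
            return accepted, True
        return accepted, False
```

The check only helps because the digest index lives where other apps cannot write; a digest stored next to the file in the shared directory could be replaced along with it.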
Other experts believe that the flaw is not too serious but that, once again, it demonstrates the impact of user permissions on the most popular applications. “The operation of the bug is based on user permissions. Each app only has access to its files. What happens is that if you leave one of those files (a photo that comes to you from another contact) on the photo reel, all the apps that have access to the reel will have access to the photos. The ‘bug’ clearly demonstrates why it is necessary to limit applications' access to certain permissions,” Lorenzo Martinez, security expert from Securízame, tells this newspaper.
How to disable photo storage
Users of instant messaging apps can mitigate the risk by disabling the storage of media files on external storage. To do this, follow these steps: open WhatsApp, go to “Settings” and enter the “Chats” section. There, deactivate “Save in photos”.