“WhatsApp for Web” vulnerability could give hackers control over computers

Users of “WhatsApp for Web” could easily have their security and devices compromised. According to a security research company, the web interface — which lets people read and write messages on their computer — has a security issue that lets hackers take over computers using just a phone number and a simple message.

WhatsApp for Web

At least 200 million people are thought to be using the online interface. The app, “WhatsApp Web” is available on almost every platform, after the company quietly launched it on iPhone in August 2015.

All of those users could be vulnerable to the exploit. Hackers would just send them a small, apparently innocent contacts file — which, when opened, would allow hackers to run malicious code and leave them open to being hit by code that could take control of their computer, watching what they are doing, or use it to spread viruses.

WhatsApp app on a mobile phone

The security issues were a result of the fact that the WhatsApp web platform lets anyone see files or media attachments that are sent by users. One such a file type was vCard contact files, which would appear as innocent to users but then would actually be an executable file that can install viruses.

US sailors fighting cybercrime or computer crime by analysing and responding to unauthorized activity within U.S. Navy information systems and computer networks

WhatsApp has acknowledged the issue and has rolled out an update to web clients that blocks the problem feature. Users are advised to check that they are using a fully up-to-date version of the web client to ensure that they are not vulnerable to the problem.

Example of a computer virus

Read about a bug affecting Android users here!

(All images - credit: Wikimedia Commons under Creative Commons licence)