A major security hole was found in two popular messaging apps Telegram and WhatsApp. If these two messaging apps are used from a web browser then the problem can be faced at end to end encryption of these two apps. It is one of the most dangerous hacks in recent times as the hacker can take control of any Telegram/Whatsapp number by using this weakness.
Check Point, an Israeli security firm, discovered this issue.
How it Works
Through the web version of Telegram or WhatsApp, a hacker only has to send an image with malware in order to exploit this weakness. Through this image, the hacker can easily control the account of receiving person.
To explain this, we can say that a hacker sends a message to someone with a malicious HTML file covered with a picture through web version of Telegram or WhatsApp. The receiver thinks about someone sending him a picture but this malicious file will start downloading on the receiver’s phone as soon as he taps on the image.
End-to-End Encryption to Blame
The end to end encryption, thought to be a security check, is the main problem, according to the researchers of Check Point.
WhatsApp and telegram remained unaware of the content as the messages are encrypted without being conformed and it resulted in non protection of their sites.
Both Telegram and WhatsApp have accepted the presence of this problem and now taken security measures but they claim that nobody has exploited this vulnerability. It is normal as companies claim that after discovering of weakness in their service but there is no way to check this claim.
Safe For Now
In latest updates, both the companies have solved their security issues and both these services are safe to use now. These weaknesses can also be there on the web versions of their messaging apps but there are no reports about them so far.