Vulnerabilities in WhatsApp do not stop and now one has been discovered that can steal data from a PC or a Mac computer. It is a vulnerability that a security researcher has discovered and has detected how "easy" it is access private data from a PC or Mac through the WhatsApp desktop app.
The positive thing about this news is that the bug has already been corrected, but the dangerous thing is that it had been open since 2019, in fact, it was discovered at the end of December.
How to recover a suspended WhatsApp account
The work of the security researcher has been key, therefore, that Facebook has paid more than $ 12,000. The discoverer of this fault is Weizman and works for PerimeterX.
This new ruling is called the code CVE-2019-18426 and Weizman's investigation began by modifying a message. That message was already malicious, since I discovered that being a long message you had to click on "read more", and that is where the trap that allows access to the PC is hidden.
The user receives the message and the malicious code was executed giving cybercriminal access to the entire computer (in case of Windows computers).
As if this seemed not enough, the researcher discovered that WhatsApp Web is mounted on a somewhat outdated version of Chromium (Chrome 69 of 2018) and from which cybercriminals will be able to nurture to take advantage of all the failures that are still without a security patch.
The researcher not only discovered that, but realized that WhatsApp security was badly configured for what I was giving "goes free" to hackers.
The complexity of this vulnerability caused Weizman to act as a hacker and discover where cyber criminals can reach. So much so that he realized that they could read private files on PC and Mac
The vulnerability named CVE-2019-18426 also allows the manipulation of links in WhatsApp messages. This leads us to something quite serious, phishing.
The latter is the impersonation of a brand with little intentions lcitas. Detecting phishing is very complicated, since you have to be aware of many factors, but we recommend to be cautious when we visit a website of doubtful origin and more if it appears in a link in WhatsApp.
The vulnerability already explained, acted in versions prior to WhatsApp Desktop 0.3.9309. Now it is convenient to make sure what version of WhatsApp we have in our device, and update if there is any pending.
This new vulnerability makes us suspect that, quizzes and just quizzes, Telegram is right with its conclusions. This company accuses WhatsApp of creating "backdoors" (failures) on purpose to allow access to private user data by authorities.
It is a very serious accusation, it is true, but it came after we learned that WhatsApp suffered up to 12 vulnerabilities throughout 2019, and 8 of them were critical or very serious.
WhatsApp is in a constant tug of war with the American government to remove its encryption from end to end and allow the FBI access to mobile phones of certain people of interest to the American government, such as terrorists.
To all this we must add the hacking that Jeff Bezos suffered in his WhatsApp account by Prince Saud. All this leaves anyone frozen, since despite having security encryption, there are still open doors to our information.
Be that as it may, WhatsApp is in the eye of the hurricane and more now that serious security failures are discovered in its application. This coupled with the accusation of Telegram and the climate of insecurity caused by these vulnerabilities in WhatsApp users.
How to hide WhatsApp at work