The British Guardian newspaper published yesterday a report revealing that Saudi Crown Prince Mohammed bin Salman used WhatsApp to penetrate the phone of American billionaire Jeff Bezos directly, the founder of Amazon, so what method was used?
WhatsApp messaging is popular and easy to use, and it also contains some security features, such as end-to-end encryption to keep messages private. However, the hacks it targets may jeopardize the privacy of your messages and contacts.
There are five common ways to hack WhatsApp:
1. Funny GIF image
Last October, the Singapore-based security researcher known as Awakened revealed a security vulnerability in the WhatsApp application that allows hackers to control the application using GIF images that are widely circulated among friends.
The hack works by taking advantage of the way WhatsApp processes the images. Images in a "GIF" format contain several encrypted files. This means that malicious programming can be hidden within the image. And when the user opens the image through the Gallery to resend or browse it, this malware is done inside the target device.
This process could jeopardize the entire user’s conversation history, hackers would be able to see who the user was sending messages to, and what they had said, and hackers could also view user files, photos and videos sent via WhatsApp.
Awakened revealed the vulnerability, and told Facebook that owns WhatsApp, and they were able to solve the problem. In order to maintain your phone, you must update WhatsApp to version 2.19.244 or higher.
| Jeff Bezos and his girlfriend, Lauren Sanchez, were victims of WhatsApp hacking (Reuters) |
2. Pegasus attack
Another problem was discovered in WhatsApp in early 2019, when the Israeli spy company NSO penetrated the phones of a group of activists. This attack allowed hackers to gain access to the device simply by making a voice call via WhatsApp to their target.
This breach occurs even if the target does not respond to the call, and the attack will remain effective. The target may not realize that the malware was installed on its machine.
This attack works by a method known as (dumping), which is the buffer overflow. This store contains software codes that are securely preserved, but the vulnerability that the company found is that if the store is full it does not stop receiving these codes, but is stored elsewhere that this malware should not reach.
And when a hacker can run code on this supposedly secure site, it can easily hack the device.
The attack uses a piece of software from the oldest known spyware, "Pegasus", which allows hackers to collect data on phone calls, messages, photos and videos, and even allows them to activate device cameras and microphones to take records.
This technology can be used on any device, and was used by the Israeli company, which was accused of spying on Amnesty International employees and other human rights activists, and recently it accused Saudi Arabia of using it to track down Saudi activists, and even penetrated the Amazon founder Jeff Bezos by a voice call on WhatsApp from the Saudi Crown Prince Muhammad Bin Salman as revealed by the Guardian newspaper recently.
After the breakout news has been published, WhatsApp has been updated to protect it from this attack. If you are running WhatsApp version 2.19.134 or earlier on Android or version 2.19.51 or earlier on iOS, then you need to update the application on The spot.
| The Israeli company logo accused of spying on Amnesty International employees and other human rights activists ( Getty Images ) |
3 . Socially engineered attacks
Another way to make WhatsApp easy to hack with socially engineered attacks is to use psychology (delusion) to steal information or spread misinformation.
A security company called Check Point has revealed a similar attack, called FakesApp. This attack allowed people to use the quote feature in group chats and change the text of someone else’s response. Essentially, this allowed hackers to grow fake phrases that appear to be from other users.
The researchers were able to do this by decrypting WhatsApp connections. This allowed them to see the data sent between the mobile version and the WhatsApp version on the web. From here, they can change the values in group chats. Then they can impersonate other people, send messages that appear to be real, and they can also change the text of the responses.
For example, when sending a thank-you message to a friend, this software identifies the code of the person being sent and sent to it, changes the text with another text that may be annoying and sends it to the target person or group.
The researchers note that this can be used in disturbing ways to spread tricks or fake news. Although this trick was unveiled in 2018, it was not corrected until researchers talked about it at the Black Hat hacking conference in Las Vegas in 2019, according to ZDNet, the site concerned with technology.
4. Photo and video files
This attack takes advantage of the way apps receive media files, such as photos or videos, and write these files to external device storage.
The attack begins with installing malicious software hidden within an apparently harmless application. This malicious program can then monitor incoming files for Telegram or WhatsApp. When a new file appears, malware can replace the real file with a fake file.
Researchers who discovered this case, from Symantec Security, suggest that this method can be used to defraud people or spread fake news.
There is a quick solution to this problem. In the WhatsApp app, you should search in the settings and go to the chat settings, then search for the option "Save to Photo Gallery", and make sure that it is set to "Off". This will protect you from this vulnerability.
However, the real fix for the problem would require the app developers to completely change the way the apps handle media files in the future.
5. Facebook is spying on WhatsApp
The last issue to consider is a security issue rather than a real vulnerability, as it comes to whether Facebook can read WhatsApp messages or not.
Since WhatsApp uses end-to-end encryption, it is impossible for Facebook to read WhatsApp content, however, according to developer Gregorio Zannon, this is not entirely true; the fact that WhatsApp uses end-to-end encryption does not mean that all messages are private. On an operating system such as iOS8 and above, malicious applications can access files in a "shared container".
Facebook and WhatsApp use the same container on your phone to save files. Although chats are encrypted when sent, they are not necessarily encrypted on the original device when you enter the shared container; this means that the Facebook application can copy information from the WhatsApp application.
These are examples of how WhatsApp can be hacked, and while some of these problems have been corrected since their detection, others have not been corrected.