Users of WhatsApp Web (the browser-based version of the app) were recently targeted with an image-based security threat where simply clicking an image could have hacked their accounts.
A security vulnerability was present in WhatsApp Web and it was recently patched by WhatsApp. By exploiting this vulnerability, an attacker could send a malicious code (virus or malware) hidden within an image to their target. And clicking this image would let the attacker take control of the victim’s WhatsApp account and access all its data – pics, videos, chats, contact lists, everything. And by having access to the contact list, the attacker could send the same infected image to the victim’s contacts – spreading it to others and making this attack into some kind of a fission reaction – one infection leads to another and so on.
The same security vulnerability was also detected in the browser-based version of another popular messaging app Telegram. Good news is, the flaw has been fixed for both of them.
Points to remember: