ilustrasi chat whatsapp 169 How To Fix Blurred WhatsApp Profile Photos, Also Know The Causes Mitra IT | Your Trusted & Reliable Software Solutions google

There Is A “Hole” In WhatsApp, Don’t

Click Links Or Download Files Randomly

Jakarta, KompasTekno This gap allows hackers to abuse the Multi-Device feature on WhatsApp, which is a feature that allows one WhatsApp account to be used on multiple devices simultaneously.

Through this feature, hackers are able to find out the type and number of devices, as well as the operating system (OS) used by users when accessing WhatsApp, so that hackers only need to find a method to attack the user’s device.

For example, if a user uses a device with a Windows operating system, hackers will send malicious software (malware) that can hack Windows, but if the user uses Android, the malware sent is adjusted.

Zengo Co-Founder Tal Be’ery said that this security gap is caused because WhatsApp generates different message identification codes (message IDs), depending on the platform used by the user, whether Windows, MacOS, Android, or iPhone.

For example, Android smartphones generate a message ID with 32 characters, while iPhone devices use 20 characters with an initial code (prefix). On the other hand, the number on WhatsApp Desktop for Windows is 18 characters.

This message ID can be seen and exploited by hackers to obtain user information, which is then followed by attempts to send malware.

“We found that different WhatsApp implementations (on platforms) produce different message IDs, which allows us to identify them, to find out if the message came from Windows,” said Be’ery.

It should be noted that this security hole has not been widely exploited, but it is a good idea for users to be careful, for example by not clicking on links or downloading files carelessly.

Researchers at Zengo have asked Meta (parent of Facebook, WhatsApp, Instagram) to address this vulnerability. As of October 16, 2024, Meta has acknowledged the bug report, but has not said when it will fix it.

“We appreciate the researcher’s submission,” said a Meta spokesperson.

“We remain focused on protecting our users from attacks, while ensuring that we can run a service that is used by more than 2 billion people around the world smoothly,” he continued to the news media The Register.

Previously, a team of security experts at Zengo also found a vulnerability in WhatsApp’s View Once feature.

This feature allows users to send photos and videos that will disappear when viewed once by the recipient.

The bug allows users to open View Once messages repeatedly, posing a risk to the privacy of users who use the feature to send important messages or documents.

However, the feature has been fixed by Meta since September 12, 2024, as quoted by KompasTekno from GizChina, Tuesday (10/22/2024). Now, users just have to wait for Meta to fix the Multi-Device feature loophole.

SOURCE : KompasTekno