WhatsApp and Telegram media files aren’t so secure after they reach your phone

While it is known to strongly encrypt messages during transmission, apps like WhatsApp and Telegram may not be able to safely keep your files on your phone. Today, Symantec researchers explain how hackers can use malicious apps to subtly alter media files sent through a service.

Android can store media such as images and audio files Internal storage that is accessible only through apps or external storage that is more widely available in other apps Access through. WhatsApp saves media through external storage by default, and the telegram performs when the application's "Save to Gallery" feature is enabled.

Researchers say that design options can access WhatsApp using malware with external storage access. Telegram the media file, maybe before the user views it. For example, if a user downloads a malicious app and then receives a photo from WhatsApp, the hacker can manipulate the image to prevent the recipient from being noticed. Multimedia messages sent by hackers can also be changed theoretically.

The researchers call the attack "media file cropping". This is a known issue in many respects and is a balance between the privacy and accessibility of messaging apps on Android. With popular external storage settings, your apps are compatible with other storage so you can move your photos and other data more freely. But it cost me. Last year, researchers pointed to similar problems.

The telegram did not immediately respond to the comment request. WhatsApp spokesman said changing storage systems could limit the ability of the service to share media files and even raise new privacy issues. "WhatsApp has been closely scrutinized for this issue and is similar to previous questions about mobile device storage affecting the app ecosystem," a spokesman said in a statement. "WhatsApp is the latest version of the operating system "

But these are not messaging apps. As researchers have pointed out, users are generally asked to" ensure the integrity of the sender's identity and the content of the message itself. We trust the encrypted application to protect it. "

" But as we mentioned in the past, there is no code that is immune to security vulnerabilities. "

Please Note: This content is provided and hosted by a 3rd party server. Sometimes these servers may include advertisements. igetintopc.com does not host or upload this material and is not responsible for the content.


Open

Close