Connect with us

Technology

Ways WhatsApp Chats Get Hacked

Published

on

Ways WhatsApp Chats Get Hacked

Ideally, WhatsApp users go by under the believe that WhatsApp’s security privileges protects their chats from being hacked or monitored by third party, but ironically enough, that alone isn’t a guaranty their WhatsApp Chats are safe from cyber attacks.

Here are some ways users can consider their WhatsApp chats vulnerable to attacks.

The Pegasus Voice Call Attack

The Pegasus voice call attack was a WhatsApp vulnerability identified in the first several months of 2019.

In this alarming exploit, hackers might gain access to a device by making a simple WhatsApp phone call to their victim. The attack might still be successful if the target didn’t answer the call. And it’s possible that the victim isn’t even aware that malware has been put on their device.

This functioned using a technique called buffer overflow. Here, code is intentionally crammed into a small buffer to the point that it “overflows” and writes to a region the attacker shouldn’t be able to reach. When a hacker has access to code in a place that ought to be secure, they might act maliciously.

Pegasus, an older and well-known spyware program, was installed as a result of this attack. Hackers were able to get information on phone conversations, messages, pictures, and videos as a result. They could even use it to turn on cameras and microphones so they could record.

On Android, iOS, Windows 10 Mobile, and Tizen devices, this vulnerability is present. For instance, the Israeli company NSO Group, which has been charged with snooping on Amnesty International employees and other human rights activists, used it. As soon as word of the breach spread, WhatsApp was modified to fend off such an assault.

You need to update WhatsApp right away if it is running version 2.19.134 or earlier on Android or version 2.19.51 or earlier on iOS.

Ways WhatsApp Chats Get Hacked

Using GIFs to Remotely Execute Code

Security researcher Awakened revealed a WhatsApp flaw in October 2019 that allowed hackers to take control of the application using a GIF picture. When a user uses the Gallery view to share a media file, WhatsApp processes photographs in a certain way that is exploited by the hack.

When this occurs, the software analyzes the GIF to display a file preview. Because they include many encoded frames, GIF files are unique. As a result, code may be concealed within the image.

A user’s whole chat history may be compromised if a hacker sent them a malicious GIF. The users’ chat history and the messages they exchanged would be visible to the hackers. Users’ files, pictures, and videos sent using WhatsApp were also visible to them.

WhatsApp versions up to 2.19.230 on Android 8.1 and 9 were vulnerable. Thankfully, Awakened responsibly exposed the vulnerability, and Facebook, who owns WhatsApp, corrected the problem.

You should keep WhatsApp updated at all times if you want to protect yourself from this issue and others like it.

WhatsApp Web

For someone who uses a computer for most of the day, WhatsApp Web is a useful tool. Users of WhatsApp may access it easily, eliminating the need for them to constantly pick up their phone to send messages. A better user experience is also provided by the large screen and keyboard.

But here’s the disclaimer. Even while the online version is convenient, it may be used to quickly get into your WhatsApp messages. When using WhatsApp Web on someone else’s computer, this risk exists.

Therefore, even after you exit the browser, if the computer’s owner checked the “keep me signed in” option during login, your WhatsApp account will remain signed in. The owner of the machine can then easily access your information.

By making sure to check out of WhatsApp Web before leaving, you may prevent this.

However, prevention is always preferable to treatment. The best course of action is to never use anything other than your personal computer to use WhatsApp on the web.

Audio/Video File Jacking

This exploit makes use of the way media assets, such as images or movies, are received by apps to write those files to the device’s external storage.

The malware is first installed as part of the attack inside an app that first appears to be secure. Then, Telegram or WhatsApp can keep an eye on incoming files. The malware could replace the genuine file with a phony one when a new file is received.

The issue’s discovery firm, Symantec, hypothesized that it might be exploited to con individuals or disseminate false information.

But there is a simple solution to this problem. You should check under Settings and select Chat Settings when using WhatsApp. Next, locate the Save to Gallery option and confirm that it is turned off. You will be shielded from this vulnerability as a result.

However, a real solution to the problem will need app developers to fundamentally alter how apps handle media files going forward.

Ways WhatsApp Chats Get Hacked

Facebook May Not acknowledge WhatsApp’s promises

WhatsApp said in an official blog post that Facebook cannot access WhatsApp content because of its end-to-end encryption:

“The most recent version of WhatsApp encrypts all messages by default, making you and the people you message the only ones who can read them. Your encrypted messages are private and unreadable even as we work more closely with Facebook in the coming months. Not Facebook, WhatsApp, or anyone else.”

Gregorio Zanon, a developer, contends that this is not precisely accurate but a very political statement. Although WhatsApp uses end-to-end encryption, not all communications remain private despite this. Apps can access files in a “shared container” on operating systems like iOS 8 and higher.

The WhatsApp and Facebook applications share the same device container. Additionally, while chats are encrypted when they are sent, they may not always be encrypted on the device from which they originated. This means that the Facebook app may be able to steal data from WhatsApp.

There is no proof that Facebook has accessed private WhatsApp communications through shared containers. However, the opportunity exists. Even with end-to-end encryption, Facebook’s all-encompassing net may still be able to access your messages.

Paid Apps from Third Party

This technology makes it very simple to perform covert WhatsApp hacks. You’d be astonished by how many legally sanctioned commercial programs have appeared on the market with the sole purpose of breaking into secure systems.

It’s very uncommon for large firms to collaborate with repressive governments to target activists and journalists, or for hackers to target you in order to steal your personal information.

Your WhatsApp account can be easily hacked by programs like Spyzie and mSPY to obtain your personal information. All that’s required is for you to buy, download, and activate the app on the target phone. Then, you may unknowingly connect to your app dashboard via a web browser and access private WhatsApp information like messages, contacts, status updates, etc.

Ways WhatsApp Chats Get Hacked

WhatsApp Clones

Cybercriminals all over the world still use an outdated hacking technique called using phony website clones to install malware. Malicious websites are these clone sites.

Now, Android systems can also be penetrated using the same technique. An attacker will initially attempt to install a WhatsApp clone that can look remarkably similar to the genuine app in order to break into your account.

Consider the WhatsApp Pink scam as an example. It is a clone of the original WhatsApp and claims to alter the background color from the default green to pink.

This is how it goes: Unaware users can change the background color of their app by downloading the WhatsApp Pink app via a link sent to them.

Additionally, even while the software actually does change the background color of your app to pink, as soon as you install it, it will begin gathering data from all of your phone’s files, including everything else than WhatsApp.

Ways WhatsApp Chats Get Hacked

Socially Engineered Attacks

Through socially engineered attacks, which take advantage of psychological flaws in people to steal information or disseminate false information, you can also be susceptible to having your WhatsApp hijacked.

One instance of this attack, known as FakesApp, was disclosed by the security company Check Point Research. Due to this, users were able to change the text of another user’s reply and abuse the group chat function of quotes. In essence, hackers might insert phony messages that seem to come from other reliable individuals.

By decrypting WhatsApp chats, the researchers were able to accomplish this. They were then able to view information transmitted between WhatsApp for mobile and WhatsApp for the web.

They might modify values in group chats from this point on. They could then send communications appearing to be from other people by impersonating them. They could alter the text of responses as well.

Worrisome ways of using this to promote fraud or false information are possible. According to ZNet, the researchers talked at the Black Hat conference in Las Vegas in 2019, even though the vulnerability was first discovered in 2018.

Therefore, it is crucial that you have the ability to spot WhatsApp scams and occasionally remind yourself of these warning signs.

 

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

UK Government To Set Online Bill Criminalizing Self Harm

Published

on

UK Government Sets Online Bill To Criminalize Self Harm

In an effort to stop what it calls “tragic and preventable deaths caused by people seeing self-harm content online,” the UK government has announced it will further broaden the scope of online safety legislation by making encouraging self-harm a crime.

According to the most recent modification to the divisive but popular Online Safety Bill, in-scope platforms would be compelled to remove anything that purposefully encourages someone to physically harm themselves, or face legal repercussions.

The government intends to tackle “abhorrent trolls urging the young and vulnerable to self-harm,” according to the secretary of state for digital. People who post such content online may also be prosecuted under the new offence of encouraging self injury.

The maximum fines will be announced in due time, according to the administration.

In the UK, it is already unlawful to promote or aid suicide, whether in person or online. By creating a new offense, self-harm content will now be subject to the same laws that already ban suicide promotion.

Following a snag, last summer associated with political unrest in the ruling Conservative Party, the Online Safety Bill’s progress through parliament is now on hold. However, the newly reorganized UK government has declared that it will reintroduce the measure to parliament next month after making changes to the law.

The abuse of intimate imagery is a problem that will be addressed by recent revisions to the Online Safety Bill, which was just made public by the Ministry of Justice. However, other revisions are planned regarding “legal but harmful” information, thus the final form of the Act is still up in the air.

The government responded to concerns about the bill’s impact on online freedom of expression a few months ago. The (new) secretary of state, Michelle Donelan, announced in September that she would be “editing” the bill to lessen concern about its impact on “legal but harmful” speech for adults.

The most recent changes, making it illegal to send online communications encouraging self harm, came after that announcement.

UK Government Sets Online Bill To Criminalize Self Harm

Donelan was quoted by the BBC as claiming that Molly Russell, a 14-year-old teenager who committed suicide five years ago after watching thousands of online articles on self-harm and suicide on websites like Instagram and Pinterest, was a factor in the most recent changes.

Social media was found to have contributed to Russell’s death, according to the results of an inquest into her death in September. While the coroner’s “prevention of future deaths” report from last month that a number of steps be done to control and monitor young people’s access to social media content.

The addition of the crime of promoting self harm, according to the Department for Digital, Culture, Media, and Sport, will outlaw “one of the most worrying and prevalent internet harms that now falls below the threshold of criminal behavior.”

Donelan stated in a statement:

“I am determined that the abhorrent trolls encouraging the young and vulnerable to self-harm are brought to justice.

“So I am strengthening our online safety laws to make sure these vile acts are stamped out and the perpetrators face jail time.

“Social media firms can no longer remain silent bystanders either and they’ll face fines for allowing this abusive and destructive behaviour to continue on their platforms under our laws.”

Hate crimes, rules regarding revenge porn (including disseminating deepfake porn without content), harassment, and cyberstalking are among the other top criminal offenses already mentioned in the bill.

Regardless of what the measure states on paper, there are still a lot of unknowns regarding how platforms will react to having legal obligations imposed on them to police all forms of speech, as well as if it would actually increase web user safety as claimed.

Critics worry that the regime will have a chilling effect by turning platforms into de facto speech police and encouraging them to overblock content in order to reduce their legal risk of paying a hefty fine.

The regime’s penalties scale up to 10% of global annual turnover, and non-cooperative senior executives even run the risk of going to jail.

On Monday, December 5, the bill is scheduled to return to parliament.

 

 

 

 

 

 

 

Continue Reading

Technology

Twitter Amnesty Is What Elon Musk is Going For Next

Published

on

Twitter Amnesty Is What Elon Musk is Going For Next

Tesla CEO and newly appointed Twitter CEO, Elon Musk did promise a new dimension for the micro-blogging social media platform prior to taking over, and his actions recently, have just about lived up to the promise, but now, the billionaire is set for an ‘amnesty’ that surely will drive some political divides nuts if certain individuals are granted Twitter amnesty as he wants.

Elon Musk announced on Thursday that starting the next week, Twitter will provide suspended accounts “a general amnesty.” The day before, the platform’s CEO published a poll asking users if they thought affected accounts should be restored.

The announcement comes just after Musk lifted the platform’s restriction on former president Donald Trump after conducting a related poll. Trump declared he had no intention of returning to the platform despite being banned following the attack on the US Capitol on January 6, 2021.

Users of the Twitter platform who had their accounts suspended could rejoin the network “assuming they have not broken the law or engaged in egregious spam,” according to Musk’s user survey.

Twitter Amnesty Is What Elon Musk is Going For Next

The survey received responses from about 3.2 million individuals, who voted 72.4% in favor of amnesty.

“The people have spoken. Amnesty begins next week. Vox Populi, Vox Dei,” Musk said, using a Latin phrase that means “The voice of the people is the voice of god.”

Historically, Twitter has deactivated accounts who advocate violence, celebrate hate and harassment, or persistently disseminate false information that may be harmful.

Some well-known people who were banned from the website include MyPillow CEO Mike Lindell, who made a number of claims that Trump actually won the 2020 presidential election, former Trump advisor and former executive chairman of Breitbart Steve Bannon, who said Anthony Fauci and FBI Director Christopher Wray should be beheaded, and Proud Boys founder Gavin McInnes, who broke the website’s rule against violent extremist groups.

Considering that more voices with possibly negative views will be returning to the site, it’s unclear from Musk’s brief post how Twitter will handle content control going forward.

These worries have only grown as a result of Musk’s huge firings and the outflow of workers who would rather leave than remain “hardcore.”

Elon Musk is surely growing more unpopular by remaining popular these days.

Continue Reading

Technology

Twitter Working On New Feature For Long Texts

Published

on

Twitter Working On New Feature For Long Texts

Writing a thread on Twitter can be considered daunting especially when you have to divide the text into 280-character sections for it to make meaning.

Good news though as the platform is stated to be working on a way to convert lengthy texts into threads automatically.

When a tweet exceeds the 280-character limit, Twitter’s composer will automatically divide it into a thread, according to a tweet from app researcher Jane Manchun Wong.

Twitter wants to make making threads less difficult, as she stated in a message to a user (identified as me).

Currently, in order to add a tweet to a thread and post the subsequent 280 characters, users must click the Add button. This can be particularly unpleasant when you are trying out an idea or pasting information from another document.

Several users have recently brought up the difficulty posting to and reading conversations with more than a few tweets; the thread in question was 82 tweets long and focused on the defunct crypto-currency exchange FTX. In response, Musk stated that the team is working to make thread writing simpler.

It will be useful to have markers to designate the start and end of a tweet in the thread, although the exact implementation details remain unknown, as Financial Times product manager Matt Taylor noted. This makes it simpler for users to change the text in a way that doesn’t disrupt the reading flow.

Musk has previously addressed the problem of posting lengthy tweets. He previously stated that the social network is developing the capability to attach long-form content to tweets. If that will be a standalone feature from the new thread composer is unclear.

Currently, some users rely on third-party programs like Typefully, ThreadStart, and Chirr App, which offer capabilities like scheduling along with tools to automatically divide your post into threads without interfering with sentence flow.

Thanks to its acquisition of Threader the previous year, the company today provides Twitter Blue customers with a simple way to read threads. However, Musk hasn’t actually stated whether he is altering the reading experience for the typical user.

There is already a long-form writing program on Twitter called Notes, but it is exclusively available to a small number of writers, and under Musk’s leadership, its future is unclear.

Even though Twitter programmers are already working on it, it is unclear when the new composer tool for threads will launch. Since taking over the business, Musk has let go of more than half the employees.

Numerous executives have left, and the new leader even gave the remaining employees yesterday an ultimatum: either be “hardcore” or quit. There is no assurance that goods will be delivered on time in this situation.

The new Twitter Blue plan with a verification mark was hurriedly launched by the firm, only for the scheme to be discontinued a few days later. Musk stated earlier this week that the launch date had been moved to later in the month.

Wong just found code that suggests Twitter is working on encrypting direct communications from end to end.

 

Continue Reading

Trending