Vulnerability messenger WhatsApp allow attackers to install Trojans on users’ computers, extortionists and other types of viruses, reports CNews. The vulnerability affected all 200 million users of the Web version of messenger. Taking advantage of the vulnerability, an attacker can send a harmless at first glance, the contact card vCard, containing the malicious code. After the opening of the user of this card the attacker gains access to his system. It can be remotely installed on a computer program, extortionists, bots, tools for remote access to user data. vCard – a standardized file that contains the name, telephone number, email address and other contact information.
In order to carry out an attack, the attacker would need to know the mobile phone number of the victim, to which attached account WhatsApp. Web version of WhatsApp automatically open attachments sent from a mobile application, including images, videos, audio files, and vCard. The vulnerability has been fixed in version 0.1.4481. In all previous versions of WhatsApp is present. The patch was released on August 27, 2015 “Fortunately, WhatsApp team reacted quickly and in no time was able to fix the vulnerability,” – commented Oded Vanunu, a researcher at Check Point.
Recall that in August, Russian Security Council Secretary Nikolai Patrushev criticized officials for the use of foreign services, Google, Yahoo and WhatsApp. According to him, the Far East, measures to protect information slaboeffektivny. The State Duma idea of banning civil servants write to WhatsApp and use mail to Gmail is not shared by all. At the same time, foreign IT companies, which until September 1, will transfer personal data of its Russian people of the Russian Federation, can be blocked by Roskomnadzor, although the agency and promised to give Google time before 2016.
For more information about using services officials read the material” b “,” Nikolai Patrushev recognized by Google and WhatsApp spies ».
No comments:
Post a Comment