Dangers of Instant Messaging

The popular messaging application known as Whatsapp and application Telegram are known to be vulnerable to the new vulnerability known as “media file jacking”.

Whatsapp and Telegram are both known for end to end encryption for private and secure messaging, however there is a security flaw. The end to end encryption is not the issue, the issue lies in the applications themselves as they are not encrypted.

Each time a user agrees to the policy of a application -it will state that the user is allowing the application to their phones internet, contacts, location, sending push notifications, etc. This is where the exploit is occurring. The attacker is accessing the application which allows them access into the phones direct storage.

This is not a man in the middle attack, as the hacker is not sitting by reviewing the traffic. The hacker has access to view all media data and delete the data. It has not been determined exactly why a hacker would enter a users mobile device to delete some or all of their photos. But the risk is there, it is suggested to protect yourself by disabling the feature that saves files to external storage.