Symantec Discovered a Media File Jacking Vulnerability in WhatsApp and Telegram

The Android versions of the messaging apps were affected

Cybersecurity company Symantec discovered a Media File Jacking vulnerability affecting the Android versions of messaging applications WhatsApp and Telegram and notified the respective companies.

Symantec vice president and chief technology officer for modern operating system security Yair Amit and Alon Gat, a software engineer on the company’s modern OS security team, detailed the vulnerability in a blog post.

They said the vulnerability occurs during the time between when a file received via one of the affected messaging apps is written to disk and when it is loaded into the app’s user interface.

If exposed, malicious attackers and cybercriminals could potentially manipulate those media files without people’s knowledge, including personal photos and videos, corporate documents, invoices and voice memos.

A

AW+

WORK SMARTER - LEARN, GROW AND BE INSPIRED.

Spring Special

Save 30% Off an ADWEEK Subscription Today!

View Your Options

Already a member? Sign in