Although rarely exploited, vulnerability testing reports on WhatsApp have become prevalent in the cybersecurity community. The most recent of these reports refers to multiple failures that could alter some aspects in the user interface.
Gal Weizman detected multiple vulnerabilities in the messaging service that
could be exploited in real-world scenarios, exposing users to serious risks,
such as sending malicious links or remote injection of code.
It should be mentioned that the vulnerability testing
report mentions that all the flaws discovered by Weizman are found in WhatsApp
Web, the desktop version of the messaging service. Its exploitation
would allow sophisticated phishing campaigns to be deployed, spread malware,
and even some variants of ransomware, putting millions of users at risk.
Soon after, a WhatsApp spokesperson mentioned
that the company, owned by Facebook, has already received the report, so the
bugs were fixed shortly after: “The issue we addressed in the most recent
update could have affected thousands of users of WhatsApp Web platform; we
appreciate the security investigator’s report.”
While this flaw has already been fixed, similar
new threats could appear shortly, so vulnerability testing specialists at the
International Institute of Cyber Security (IICS) recommend that you be careful
when interacting with a message received via WhatsApp Web containing the text
activity, especially if it is sent from an unknown account.