Check Point, a California based IT Security firm that innovated the FireWall-1 protocol, have warned that a bug in the web based portal for the ever popular and much used messaging service WhatsApp has put up to 200 million global users at risk of succumbing to Ransomware attacks.
The issue centres around a glitch that allows hackers and criminal organisations to distribute malicious software which demands that victims pay a ransom to gain back control of their files and devices.
The vulnerability only affects the web-based portal of the service. WhatsApp, who were alerted to the issue on the 21 August, issued a patch a week later, but the solution only works if users update their software. This means that millions of WhatsAppers could still be affected and left open to attack.
Check Point reports that a backdoor is caused by the way WhatsApp handles contacts sent in Virtual Card format.
All a malicious user needs in order to send a V-Card that looks legitimate, is the target’s mobile number, and as we constantly hear on the news, this kind of information is frequently stolen or hacked and released to the DarkNet.
Once opened, the V-Card could distribute any kind of malicious code the hacker wished.
So, if you are an online WhatsApp user, please make sure you frequently update your software and only open V-Cards from trusted sources.