What is ‘Whatsapp?’
Whatsapp is a free service that allows users to send instant messages, stickers, photos and videos, play games, and make audio and video calls, much in the same way as Facebook messenger.
Seen by many as a competitor of facebook, in truth Whatsapp is actually owned by Facebook themselves who bought the company for 19 billion dollars in early 2014.
Whatsapp vulnerability controversy
Whatsapp is no stranger to controversy, especially when it comes to hackers taking advantages of vulnerabilities in the service’s code and encryption.
In 2013, the internet was awash with stories about Whatsapp’s SSL (Secure Sockets Layer) encryption that was used to protect payment services such as paypal and google wallet and you could use them on Nokia phones. Fears that the connection between the whatsapp server and the browser were not secure when making payments turned out to be true and this led to some panic among users.
Hackers were able to intercept the legitimate payment payment services and then redirect the user onto their own site where they would extract their payment details.
This brought criticism from cyber security experts, not only aimed at Whatsapp, but at mobile based apps in general, and is similar to the mac vs windows battle of security, with some saying that mobile apps were often ‘hastily constructed’ and this was a big risk to internet security in general.
Since then, there have been multiple scares and admittances from Whatsapp about security fears, bugs, and malware making their way into the app. An Israeli security firm called Check Point discovered a vulnerability in the browser based version of Whatsapp, and although this didn’t affect the mobile app, it still did little to inspire confidence in users.
This particular vulnerability came via hackers sending an attachment that would spread the malware once opened and allow them access to the user’s account and allowing them to take control of it and with the new 5g speed a virus could be downloaded in seconds.
As recently as December 2019, there were reports from Facebook about remote code execution attack vulnerabilities in Whatsapp versions before update 2.19.274.
This bug is sent to users through MP4 video files by hackers and could cause denial of service or remote code attacks.
Has whatsapp fixed the paypal google account ssl vulnerability yet?
This is a hard question to answer with a fully confident affirmative, and I’ll explain why.
Yes, the original issue that Whatsapp had back in 2013 has since been looked at and dealt with by the owners of the app, and that particular vulnerability is no longer an issue.
However, cyber security is an ongoing war between security companies and hackers who are growing ever more sophisticated and are constantly trying to find new vulnerabilities to exploit. This is just the way the internet is and I can’t see it changing anytime soon.
Apps like Whatsapp are particularly vulnerable to hackers, and are an easy target in many regards. Hackers only need to disguise their malware as an attachment and most will click on it without a second thought as it is one of probably hundreds that they get sent every week.
This combined with the fact that many people have their PayPal and other payment services linked, make them a prime target for hackers.
These days, the mobile version of Whatsapp is considered safe for users to use but I would still be wary of the browser based version as it is easier to be hacked that way.
Always be on your guard about the possibility of being hacked and delete/report any suspicious attachments. A lot of the time hackers need your ‘permission’ to access your account and you give them this by opening the attachment, so just be a little more careful and it will increase your account’s security.
