WhatsApp vulnerability for Spreading Malware


2 min read
WhatsApp vulnerability for Spreading Malware

WhatsApp vulnerability for Spreading Malware

A Cross site scripting (XSS) vulnerability in WhatsApp website reported to The Hacker News by Edgard Chammas. WhatsApp is one of the most famous cross-platform mobile messaging app for iPhone, BlackBerry, Android, Windows Phone and Nokia used to send text, video, images, audio b/w Whatsapp users.

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users.

Reported vulnerability exist on payment procedure page as shown in above picture. The Sample code given below to demonstrate the vulnerability.

Recently, there has been an increase in web malware and spam activities and such vulnerabilities can be misused by attackers to spread Malwares and rogue applications.

Edgard also demonstrate that How this can be used to trick users to download a fake application (Malware - WhatsApp.apk) from other any evil domain (www.evilwebsite/WhatsApp.apk). in below given example, attacker just using a pop-up window to open fake application download link.

While the official binary is here http://www.whatsapp.com/android/current/WhatsApp.apk

According to reports in 2012 mobile malwares are 50 times increases than previous ever. We request Whatsapp team to fix the vulnerability as soon as possible.

Follow us on Telegram and Twitter for all such latest cybersecurity news and updates.


SSL/TLS attack for Hijacking HTTPS Sessions
Previous article

SSL/TLS attack for Hijacking HTTPS Sessions

New SSL/TLS attack for Hijacking HTTPS Sessions Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS

Reliance Net Connect Hacked
Next article

Reliance Net Connect Hacked

Reliance Net Connect website Defaced by Hackers Reliance Net Connect , a venture of Reliance Communications , one of the leading CDMA & GSM Service providers in


GO TOP

🎉 You've successfully subscribed to Hack Reports!
OK