Search

Hackers Can Manipulate Media Files via Whatsapp


If you think that the media files you receive on your end-to-end encrypted secure messaging apps can not be tampered with, you need to think again.

Security researchers at Symantec yesterday demonstrated multiple interesting attack scenarios against WhatsApp and Telegram Android apps, which could allow malicious actors to spread fake news or scam users into sending payments to wrong accounts.

Dubbed "Media File Jacking," the attack leverages an already known fact that any app installed on a device can access and rewrite files saved in the external storage, including files saved by other apps installed on the same device.

WhatsApp and Telegram allow users to choose if they want to save all incoming multimedia files on internal or external storage of their device.

However, WhatsApp for Android by default automatically stores media files in the external storage, while Telegram for Android uses internal storage to store users files that are not accessible to any other app.

But, many Telegram users manually change this setting to external storage, using "Save to Gallery" option in the settings, when they want to re-share received media files with their friends using other communication apps like Gmail, Facebook Messenger or WhatsApp.

It should be noted that the attack is not just limited to WhatsApp and Telegram, and affects the functionality and privacy of many other Android apps as well.

How Does "Media File Jacking" Attack Work?

Just like man-in-the-disk attacks, a malicious app installed on a recipient's device can intercept and manipulate media files, such as private photos, documents, or videos, sent between users through the device's external storage—all without the recipients' knowledge and in real-time.



Spread fake news

In Telegram, admins use the concept of "channels" in order to broadcast messages to an unlimited number of subscribers who consume the published content. Using Media File Jacking attacks, an attacker can change the media files that appear in a trusted channel feed in real-time to spread fake news.

Android Q includes a new privacy feature called Scoped Storage that changes the way apps access files on a device's external storage.

Scoped Storage gives each app an isolated storage sandbox into the device external storage where no other app can directly access data saved by other apps on your device.

Until then, users can mitigate the risk of such attacks by disabling the feature responsible for saving media files to the device's external storage. To do so, Android users can head on to:

WhatsApp: Settings → Chats → Turn the toggle off for 'Media Visibility'Telegram: Settings → Chat Settings → Disable the toggle for 'Save to Gallery'


For more depth analysis visit SOURCE : 1


An Ethical hacker should know the penalties of unauthorized hacking into a system. Read more at: Legality and Ethics



*********************************************************************************************************************


For more tricks and update over hacking stay tuned to our site: Note 4 Tech