WhatsApp: this attachment allows you to hack your smartphone, do not open it!


 WhatsApp: this attachment allows you to hack your smartphone, do not open it!

WhatsApp on Android is the victim of two new security holes. By exploiting these two breaches, an attacker is able to launch a “Man in the Disk” attack in order to execute code remotely and siphon certain data. Ultimately, hackers are able to hack your smartphone through the instant messaging application.

Census, a computer security firm, recently discovered two critical security flaws in WhatsApp code on Android. Both vulnerabilities affect smartphones running Android 9 or earlier. If your smartphone is running Android 10, Android 11 or an Android 12 beta, you are not affected.

By using these loopholes, hackers can theoretically launch a “Man in the Disk” type attack on your smartphone. This type of computer attack consists in deploying malware that will manipulate the data exchanged between an Android application and the external storage. “Applications are not isolated from each other in this external space, so cybercriminals are able to replace or modify temporary files or updates stored there,” Kaspersky explains on his blog.


To trap Internet users, hackers just have to propagate HTML documents via instant messaging. Once the file is opened on the Chrome web browser, the hackers will deploy their attack. We therefore advise you to be wary of documents received on WhatsApp.

Performed by a confirmed hacker, this attack “can lead to the compromise of WhatsApp communications, remote code execution on the victim device and the extraction of protocol keys used for end-to-end encryption of communications. of users, ”Census said. Concretely, hackers will be able to install malware on your smartphone.

On the same subject: a serious security breach allows you to block your WhatsApp account

“Both vulnerabilities have now been fixed,” reassures Census in its report. Alerted by Census, WhatsApp has already made patches on the affected Android smartphones. WhatsApp users are recommended to update to app version For its part, Google has integrated since Android 10 a “proactive defense against this type of attack” in order to protect users.

NomAdresse e-mailMessage