Security News

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive commands to delete files," ESET researcher Lukáš Štefanko said in a new report published today.

Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. By tapping on a one-to-one or group conversation, users can easily enable Chat Lock and choose between password or biometric authentication options.

Chat Lock will create a new folder that can be locked with a password or biometric methods like a fingerprint. "Locking a chat takes that thread out of your inbox and puts it behind its own folder that can only be accessed with your device's password or biometric, like a fingerprint," WhatsApp said today.

India is the largest market for WhatsApp, with over 450 million users - many of whom have in the last couple of weeks received plenty of spam calls from overseas. Might scammers have turned to WhatsApp after conventional carriers hardened up?

E2E encryption means that only the person who stores the data should be able to read the data. Having dealt with E2E encryption of data during transit and at rest, we now turn to the more esoteric case of E2E encryption of data during computation.

WhatsApp will be rolling out three new security features in the coming months, to provide users with increased privacy and control over their messages and to help prevent unauthorized account access and takeover. WhatsApp's new check when moving account to another phone.

"Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages," the Meta-owned company said in an announcement. Called Device Verification, the security measure is designed to help prevent account takeover attacks by blocking the threat actor's connection and allowing the target to use the app without any interruption.

WhatsApp announced today the introduction of several new security features, one of them dubbed "Device Verification" and designed to provide better protection against account takeover attacks. Device Verification prevents malware from using authentication keys stolen from infected mobile devices or via unofficial clients to impersonate accounts and use them to send scam and phishing messages to people in the targeted users' contact lists.

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ESET researchers Lukáš Štefanko and Peter Strý?ek said in a new analysis.

A stranger may be receiving your private WhatsApp messages, and also be able to send messages to all of your contacts - if you have changed your phone number and didn't delete the WhatsApp account linked to it. "If for some reason you no longer want to use WhatsApp tied to a particular phone number, then the best thing to do is transfer it to a new phone number or delete the account within the app."