Security News

Image filters are of course the built-in visual-effects tools in WhatsApp used to change the color, saturation, tone, sharpness and more of a photo taken. "Src jbitmap" - Represents the input image.

A now-patched high-severity security vulnerability in WhatApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory. Tracked as CVE-2020-1910, the flaw concerns an out-of-bounds read/write and stems from applying specific image filters to a rogue image and sending the altered image to an unwitting recipient, thereby enabling an attacker to access valuable data stored the app's memory.

"The Trojan Triada snuck into one of these modified versions of the messenger called FMWhatsApp 16.80.0 together with the advertising software development kit," researchers from Russian cybersecurity firm Kaspersky said in a technical write-up published Tuesday. Modified versions of legitimate Android apps - a practice called Modding - are designed to perform functions not originally conceived or intended by the app developers.

"The Trojan Triada snuck into one of these modified versions of the messenger called FMWhatsApp 16.80.0 together with the advertising software development kit," researchers from Russian cybersecurity firm Kaspersky said in a technical write-up published Tuesday. Modified versions of legitimate Android apps - aka Modding - are designed to perform functions not originally conceived or intended by the app developers, and FMWhatsApp allows users to customize the app with different themes, personalize icons, and hide features like last seen, and even deactivate video calling features.

A malicious version of the FMWhatsappWhatsApp mod delivers a Triadatrojan payload, a nasty surprise that infects their devices with additional malware, including the very hard-to-remove xHelper trojan. FMWhatsApp promises to improve the WhatsApp user experience with added features such as better privacy, custom chat themes, access to other social networks' emoji packs, and app locking using a PIN, password, or the touch ID. However, as Kaspersky researchers found, the FMWhatsapp 16.80.0 version will also drop the Triada trojan on users' devices with the help of an advertising SDK. Trojan harvests device info and installs more malware.

The latest version of Triada slips onto phones via an advertising software development kit used to monetize the third-party FM WhatsApp Android mobile app. The app, only available via unofficial third-party app stores, is one of many popular WhatsApp mods that allow users to add functionality to Facebook's WhatsApp messenger.

The European Consumer Organisation announced Monday it had lodged a complaint with the European Commission against Facebook's attempt to modify the terms of service for the WhatsApp messenging service. The US tech titan has sought to nudge users of its messenger platform to accept new terms of service, but Facebook denies that this would allow WhatsApp to share more user data with its main social platform.

We have seen a surge in WhatsApp accounts being hacked, if you are sent a text from WhatsApp with a code on it, don't share the code with ANYONE no matter who's asking, or the reason why. We've discussed this scam before on the Naked Security podcast, because it's a good reminder of how cybercriminals use one hijacked social media account to target others.

Fans of John le Carré's Tinker Tailor Soldier Spy know how top military secrets are extracted from the enemy. If head KGB spy Karla wanted to learn intricate details of the British military today, he'd just have to check WhatsApp.

Four months later, in early May, the company gave up on its plans to delete user accounts, saying that, starting May 15, features would be removed one by one for users who don't agree with the new policy changes. "Given recent discussions with various authorities and privacy experts, we want to make clear that we will not limit the functionality of how WhatsApp works for those who have not yet accepted the update," the company said in a statement.