Cybersecurity platforms have sounded the alarm after a serious security flaw was revealed in the messaging application "WhatsApp," allowing hackers to infiltrate devices and steal users' personal data without their knowledge.
Google's Project Zero team, which specializes in finding security vulnerabilities, discovered a technical flaw that hackers exploit by creating fake groups and inviting random users to join. Once a user accepts the invitation, malicious files begin automatically downloading onto their device without any visible warning.
These files do not appear as an obvious threat, but are disguised using "spoofing" technology, where hackers trick the system into presenting their malware as just ordinary media files, such as pictures.
Once a device is compromised, this malware, known as "arbitrary code execution," grants the attackers complete control. This control allows them to create a "backdoor" in the device to steal passwords, disable security systems, and even remotely control the device and its movements.
Cybersecurity firm Malwarebytes has issued clear instructions for users to immediately disable the "automatic media download" feature. While this measure is preventative, it is the most effective solution so far to close this vulnerability.
Steps to disable automatic downloads:
1. Open the WhatsApp application.
2. Tap the three-dot menu in the upper right corner.
3. Select "Settings"
4. Go to "Storage and Data"
5. Tap the "Automatic Media Download" option.
6. Deselect all media types (images, audio, video, documents) by removing the checkmarks from the boxes.
7. Press "OK" to save.
After implementing this change, WhatsApp will no longer automatically download any images, videos, audio files, or documents, regardless of the connection type (Wi-Fi or mobile data). Downloading will become a manual process where the user decides whether to tap on each media to receive it, giving them the opportunity to avoid suspicious files.
WhatsApp confirmed that it has developed and released a technical fix to prevent further exploits of this vulnerability. The exact number of devices affected before the fix was not disclosed; therefore, changing settings remains a crucial precaution to protect devices from any future similar attacks.
It is worth noting that such vulnerabilities, which allow the execution of code remotely, are among the most dangerous types of cyber threats, given their ability to turn a personal device into a tool under the complete control of the hacker.
