If you’re thinking that the end-to-end encryption on WhatsApp and message suggests that nobody will tap into something you mention in these platforms, suppose again! Symantec researchers have noticed that media files that you simply save via these apps aren’t safe and are vulnerable to cyber attacks.
As per The Verge, the media files saved via these 2 apps are either saved in internal storage or secondary storage of the device. If the malware enters your golem smartphone and these files are saved in secondary storage, malware will simply get access to those files and exploit the info. Malware will even reach these files, even before you’ve got seen them.
In alternative words, these hackers will even alter outgoing transmission messages while not the user’s notice. The researchers ar line it the “Media File Jacking” attack.
A WhatsApp interpreter told North American country that they need to be looked closely into this issue and that they are going to be providing updates in line with Android’s current development. He additionally hinted that this security threat is comparable to previous queries relating to the mobile storage affecting the app system.
“WhatsApp has looked closely at this issue and it’s kind of like previous questions on mobile device storage impacting the app system. WhatsApp current best practices provided by operational methods for media storage & appear forward to providing updates in line with Android’s current development,” the interpreter said. We have conjointly reached resolute WhatsApp and message and can update this house as we hear from them.
And it’s not simply these 2 apps, in keeping with the recent news researchers at the International applied science Institute (ICSI) found that thousands of app on the android app store manage to skirt restrictions and gather precise geolocation knowledge and phone identifiers, without user consent.
The study checked out over 88,000 apps on Google Play and tracked however data was transferred from the app once a user denied permissions. Of these, they found 1,325 apps that desecrated the permission policy and relied on workarounds to retrieve user knowledge while not their information.