Change this WhatsApp and Telegram settings now: Serious flaw in this messengers exposes personal media to hackers

Cybersecurity firm Symantec recently found a serious security flaw — called Media File Jacking — in popular messaging apps WhatsApp and Telegram. The vulnerability manipulates and alters the media files — including images, audio files, and documents.

Both WhatsApp and Telegram are secured by end-to-end encryption but the vulnerability exploits the short space of time between a smartphone writing a media file — when media files received through the apps are written to a disk and when they are loaded in an app’s chat user interface.

Usually, on Android, apps can choose where to save media, like images and audio files — they can choose either internal storage that is only accessible through the app or external storage which is more widely available to other apps. Files saved to internal device storage cannot be exploited by a third-party app, but files saved to external storage can—external storage is “public directory and world-readable/writeable.” WhatsApp and Telegram use external storage to save media files by default.

So if a user downloads a malicious app which has access to external storage could be used to access WhatsApp and Telegram media files and manipulate the image without the receiver ever noticing. Think of a photo or video swapped out, financial account details being changed over, or news features being manipulated.

Symantec explains, “Media File Jacking threat is especially concerning in light of the common perception that the new generation of IM apps is immune to content manipulation and privacy risks, thanks to the utilization of security mechanisms such as end-to-end encryption.” Symantec argues for app developers to include measures to check the integrity of media files before moving them from external storage into the app user interface, pointing out that “neither apps have any measures in place to protect their users” as things stand.

How to stay safe from Media File Jacking?

To stay safe from Media File Jacking, users must have to change both WhatsApp and Telegram settings that allow the application to saves media files to external storage.

In WhatsApp disable Media Visibility settings by going to “Settings > Chats > Media Visibility“.

Media File Jacking

And in Telegram, disable Save to Gallery option by going to “Settings > Chat Settings > Save to Gallery“.

Media File Jacking
Sabarinath is the tech-savvy founder and Editor-in-Chief of TechLog360. With years of experience in the tech industry and a computer science background, he's an authority on the latest tech news, business insights, and app reviews. Trusted for his expertise and hands-on tips for Android and iOS users, Sabarinath leads TechLog360 with a commitment to accuracy and helpfulness. When not immersed in the digital world, he's exploring new gadgets or sharing knowledge with fellow tech enthusiasts.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream