A few weeks ago, we learned that WhatsApp does not completely erase chats. Even if you think you have deleted them from the device, they in fact remain stored there. Chat deletion is one of the weak points in the security of the application that reigns supreme in instant messaging.
This week, the National Cryptologic Centre (CCN), attached to the National Intelligence Center (CNI), released a report warning of the risks of using WhatsApp, such as the weakness of the application's registration process, the insecure deletion of conversations, and the possibility of account theft.
The CCN report addresses the main risks of using this platform, which, because of its wide acceptance, is in the sights of cyber attackers trying to obtain data and information from its users. "The sharing of sensitive personal information that takes place daily on this platform, together with users' low perception of risk on mobile devices, has turned WhatsApp into an attractive environment for intruders and cyber attackers," it underlines.
Little security when registering
The report notes that since its inception the creators of WhatsApp "have neglected some basic elements" regarding the protection of the application and of the personal data it handles. In particular, CCN-CERT, the Information Security Incident Response Capability of the National Cryptologic Centre, points out that the platform's most significant shortcoming to date lies in the user registration and verification process.
In this regard, the report warns that this process can allow an attacker to take over another person's WhatsApp account, read the messages that person receives, and even send messages in their name.
Hijacking of accounts taking advantage of network failures
The report cites a video posted by the company Positive Technologies showing how to hijack accounts in apps such as WhatsApp or Telegram by taking advantage of flaws in the SS7 telecommunications protocol.
An attacker who gained access to the SS7 system could intercept or record calls, read SMS messages, or detect the location of the device using the same system as the telephone network. The report argues that this attack "is easy: making the telephone network believe that the attacker's phone has the same number as the victim's."
For this reason, the National Cryptologic Centre recommends activating the 'Show notifications of security' option in WhatsApp by following these steps: go to the Settings section of WhatsApp, tap 'Account' and select 'Security'. On this screen you can enable security notifications by selecting 'Show notifications of security', they explain.
Insecure deletion of chats
In addition, the agency rates the deletion of conversations as "unsafe", one of the most common flaws in the messaging application. This flaw was already used in previous versions of the application to obtain conversation records using forensic techniques, and it again affects the most recent versions of WhatsApp.
As a preventive measure, the CCN indicates that "the only way to delete these conversations more securely from our phone is to uninstall the application and install it again. You should be aware, though, that this process will not remove any backup copies of our data that may have been made in the cloud," they warn.
Dissemination of sensitive information during the initial connection
The report also warns that sensitive information (the client's operating system, the version of the application in use and the registered phone number) is disclosed during the initial connection, and may be exposed to any attacker when using public Wi-Fi networks or networks of doubtful origin.
"The only solution to this problem of dissemination of sensitive information" is the use of a VPN connection, the agency maintains.
Theft of accounts through SMS or call
The CCN also warns of the possibility of stealing accounts by SMS, phone call, or physical access. Theft by SMS has to do with the application's registration system: an attacker could use their own phone or a terminal emulator and start the registration process with the victim's phone number, as if it were a change of handset. Similarly, it is possible to hijack a WhatsApp session using the phone-call verification option.
Finally, leaving the phone unattended or losing it (even with screen lock and security code mechanisms in place) "may allow a person with physical access to the phone to hijack the WhatsApp session in a simple way".
For the CCN, the problem with this attack method lies "in the difficulty of preventing it, because there is no option, on either Android or iPhone, to force the user to unlock the handset in order to answer a call, so an attacker with physical access will always be able to answer and complete the attack."
Risks of downloading from unofficial sites
Along the same lines, it also warns of the dangers of downloading WhatsApp from unofficial sites, which cybercriminals can use to commit fraud.
'Phishing' attacks on WhatsApp Web
This extension, which allows you to use WhatsApp from any device or laptop, also carries the risk that an attacker can monitor a QR code of the official website, so that when the user thinks they are signing up for some bait promotion, they "will be authorizing access to the web from your session", it warns.
Storage of the information in the database
WhatsApp uses SQLite to store chat sessions, files, and messages in a database, so an attacker who manages to get hold of this file would have access to all of the user's conversations and private data, the CCN warns, although it adds that "at the present time this file is protected against this type of case."
Exchange of data between WhatsApp and Facebook
Other risks identified by the CNI-dependent body stem from the exchange of personal data with Facebook, a part of the company's privacy policy that changed last August.
As a result of this change, WhatsApp will transfer its users' data to Facebook and the rest of Mark Zuckerberg's companies for "various activities". Although messages, photos and profile information will not be shared, other information will be exchanged, such as the user's phone number, contacts, time of last connection, and usage habits in the application.
Other recommendations
In this context, the report on the risks of WhatsApp includes a series of additional recommendations to keep the information on the mobile phone safe from potential attackers or malicious programs.
These tips include keeping the phone locked to reduce the risk if it falls into the wrong hands, and being careful with the access and permission requests of the applications being run, especially on Android handsets.
It is also important to know the risks involved in 'jailbreaking' or 'rooting' the handset, and it is recommended to turn off the phone's additional connectivity when not in use, such as the Wi-Fi connection or Bluetooth, which, as well as reducing battery consumption, reduces the possible attack surface on the handset.