A new vulnerability would be affecting WhatsApp, and for our sorrow, also to Telegram.
According to a report from the cybersecurity company Symantec, there is a flaw that involves both applications in its Android version, and that would allow third parties to have access to multimedia files sent and received by users.
This flaw, called “Media File Jacking”, is present just when a file is sent and the other person receives it. Specifically, when they are written to the external memory of the smartphone and loaded into the user interface.
In this way, it can affect both the sender and the recipient by means of malware on the victim’s smartphone.
It is at this moment that these files can be accessed since they belong to a public directory, to which any other application can enter. Something that does not happen when you use exclusively the internal storage system.
According to the investigation, the key to the problem is the ” WRITEEXTERNALSTORAGE “ permission, which allows reading in real-time the files that are stored in the external memory of the device, regardless of who is accessing them.
How to protect yourself
For now, the research recommends simply deactivating the automatic saving of files in WhatsApp as in Telegram. In the first case, in the Chats option in Settings and under the option Media visibility.
Meanwhile, in the other application, you only have to enter Chats Settings > Save to Gallery and disable this option.
In parallel, the security company recommends verifying the file data with the person who sent them to ensure that we are receiving, and not use this type of apps for the delivery of confidential documents or private information.