India is one of those countries that have the highest internet penetration. With mobile data prices being among the lowest in the world, owning a smartphone and having multiple apps in it has become a commonplace. While the apps that one has on their phone might vary from individual to individual, Whatsapp is one app that everyone seems to have. At this very moment, there are more than 400 million Whatsapp users in India.
For a mobile app that is this popular, it is understandable that there is a considerable amount of risk involved, as well. Because of the sheer number of users involved, you can imagine the amount of damage that can be expected if hackers use this medium to access the devices of their victims. Since almost everyone you know is using this app, staying safe from such attacks will be a Herculean task. Such attacks have been a dread for millions of Indians in the last few years. It is the segment of the population that is aware of the Whatsapp security risks and yet cannot live without them.
Recently, the Indian Computer Emergency Response Team (CERT-In) has issued a nationwide warning for all Whatsapp users. This organization is India’s nodal agency that is responsible for identifying threats related to the nation’s cybersecurity. According to them, a new bug has been released. The bug will allow hackers to access the smartphones of people using Whatsapp remotely. If reports are to go by, the bug is potent enough to be able to access not just smartphones but also any computing device where one might use Whatsapp. While this raises major concerns about data security, its vulnerability has already been marked as ‘high’ by the organization.
A reality check will tell us that a significant chunk of Whatsapp users in India is not very well versed in technology. This type of threat by the leading cyber nodal agency has left them in a state of confusion. Most of them do not realize the severity of the situation. Hackers have innovated ways to make the most of Whatsapp’s security flaw. Armed with technological competence, they then break into the victim’s phone through an MP4 Whatsapp file. For those in the dark, MP4 is a file extension that is used to store data in compressed format. Usually, any form of audio. Subtitle or video file is compressed and saved as MP4 before exchange via Whatsapp. What this means is that the bug can reach our phones through any of the media files that are shared with us by our near and dear ones.
The scariest part of this virtual bug is that it will not ask for any form of authentication by the app user. The moment the malicious file gets downloaded in the user’s phone or computing device, it will get auto executed. No settings preference or device security feature can stop this menace. Also, these grave Whatsapp security issues are such that it can affect any user irrespective of the geographical location he is in. This means that through this app, hackers residing in the other end of the globe may well be able to control your phone. Hackers can use this security loophole not just to access sensitive data on the victim’s phone. As they will have complete navigational control, the same can be misused to alter the settings on the phone and even engage in local illegal activities. The fact that hackers can turn on the camera feature at any moment and use the victim’s phone for spying is an additional threat.
CERT-In has confirmed that this bug is only affecting older versions of the app. For Android users, any version before 2.19.274 might be at risk. IOS versions that are before 2.19.100 are not safe either. Windows Phone versions till 2.18.368 and Enterprise Client versions till 2.25.3 are the ones at the highest risk. Thus, the easiest way out of this would be to go to your device and check the version that you are using. If you find that yours is among the high-risk ones, you should act on it immediately and get your app updated. In case you are unsure about the version you are using, it is always better to remain on the safer side and go for the latest version. The nodal cybersecurity organization has confirmed that all Whatsapp users in India who are using the latest version will remain safe.
Thus, as one of the millions of Whatsapp users in India, it is each of our duty to make sure that our devices are safe. We should also take it upon ourselves to educate others about the same. It is when we join hands, we can tackle such cyber attacks easily.