WhatsApp & Telegram bug: What it is, and how to deal with it

The recent bug reported by researchers from Symantec proves that encryption alone isn’t enough.
17 July 2019

Even when messages are encrypted, hackers can still manipulate data stored in external storage. Source: Shutterstock.com

Instant messaging apps like WhatsApp and Telegram boast encryption features that are assumed to keep media, files and messages secured within the two conversing phones. But security professionals have recently revealed that despite being encrypted, your media files may still be manipulated.

Security researchers from Symantec Corporation detailed how hackers can plant malware in apps and attack any phone via WhatsApp and Telegram, by exploiting a flaw caused by the way these apps save files to the phone.

Because these are among the most used apps in the world, the bug came as a surprise to their users, many of whom store important personal and business information on their phones, such as contacts, banking details, emails and more. In the face of these security flaws, what can we do to protect ourselves?

Understanding the bug

As with every security concern, the first thing to know is how this bug works. Chris Howell, CTO and Co-Founder of encrypted messaging firm Wickr, said apps like these spend years in development and have millions of lines of code, thus leaving room for many things to go wrong. In the case of WhatsApp and Telegram, the issue revolves around where media files are saved.

These apps let users choose the default storage location for incoming media files. In WhatsApp, the default setting is to save files to the phone’s internal memory, which is accessible only by the app. But users are also given the option to save incoming media files to external storage. In Telegram, this is labelled “save to gallery”.

Many users do this to make sharing on other social media platforms easier and to free up the phone’s internal memory so that it does not slow down. The problem starts here: all apps can access and rewrite data stored in external storage, and it is possible that the data being written to this storage was not encrypted.

Hackers could now easily plant malware in an app or media file and spread it around. Once the malware reaches the external storage, it can access any media file before the user does. The impact is severe: hackers can modify pictures, texts and much more without the user’s knowledge.
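The gap described above sits between the moment an app writes a file to shared storage and the moment it reads the file back. The following is an added example, not code from the article, Symantec, WhatsApp or Telegram: a hypothetical `MediaStore` class that keeps a SHA-256 digest of each file in private storage and checks it before use. The two temporary directories are assumptions standing in for a phone's internal memory and external storage, and the byte strings are constructed sample data.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


class MediaStore:
    """Writes media to shared storage; keeps SHA-256 digests in private storage."""

    def __init__(self, shared_dir: Path, private_dir: Path):
        self.shared = shared_dir
        self.digests = private_dir / "digests"
        self.digests.mkdir(parents=True, exist_ok=True)

    def save(self, name: str, data: bytes) -> Path:
        # Hash the bytes still in memory, before they touch shared storage.
        (self.digests / name).write_text(hashlib.sha256(data).hexdigest())
        target = self.shared / name
        target.write_bytes(data)
        return target

    def load_verified(self, name: str) -> bytes:
        expected = (self.digests / name).read_text()
        # Read once, then hash and return the same bytes, so nothing can
        # change between the check and the use.
        data = (self.shared / name).read_bytes()
        if not hmac.compare_digest(expected, hashlib.sha256(data).hexdigest()):
            raise ValueError(f"{name} was modified in shared storage")
        return data


def demo() -> tuple[bool, bool]:
    """Returns (clean file accepted, rewritten file rejected)."""
    original = b"constructed sample bytes standing in for a received photo"
    with tempfile.TemporaryDirectory() as root:
        shared, private = Path(root, "shared"), Path(root, "private")
        shared.mkdir()
        private.mkdir()
        store = MediaStore(shared, private)
        path = store.save("photo.jpg", original)
        accepted = store.load_verified("photo.jpg") == original
        # Constructed stand-in for another app rewriting the shared file.
        path.write_bytes(b"constructed altered bytes")
        try:
            store.load_verified("photo.jpg")
            rejected = False
        except ValueError:
            rejected = True
    return accepted, rejected
```

Calling `demo()` returns `(True, True)`: the untouched file is accepted and the rewritten one is rejected.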

Dubbed “Media File Jacking”, the issue boils down to insufficient security testing. According to Howell, it’s harder to test for security bugs because doing so requires certain skills and more attention. Without them, the quality of security testing as a whole could be lower than that of the functional tests carried out.

Protecting your data

In the case of phone apps, users would just need to have faith in the developer. One might notice an app requesting permission to write to external storage at install time and question it, but without knowing how it uses the external storage, it’s difficult to make an informed judgment to grant or deny it.

Therefore, just as on a computer, data on the phone needs to be protected too, as it contains a lot of sensitive information. Both individuals and businesses stand to lose a great deal if their data falls into the wrong hands.

There are a few ways to tell if a phone has been infected by malware. According to Norton Security, these are the six warning signs of an infection:

  1. Phone is too slow
  2. Apps take longer to load
  3. Battery drains faster than expected
  4. There are too many pop-up ads
  5. Phone has apps that you don’t remember downloading
  6. Unexplained data usage and large phone bills

Should these signs be apparent, the very first thing to do is perform a virus scan and junk cleanup to ensure there’s no malware on the phone. Most phones, like Samsung’s, have pre-installed apps for this, but for those that don’t, the Google Play Store has a number of great apps to choose from; both free and paid ones are available.

WhatsApp and Telegram’s storage settings should be changed too, back to the phone’s memory, as it is more secure to save files there than in external storage. If space is a major concern, do know that photos can be saved in high quality to Google Photos and accessed at any time.

If there’s a strange app on the phone, know that it could well be the malware in question. To remove it, you would need to access the phone’s root files. Follow this online guide by Norton Security to safely remove these apps and clear the malware from your phone.

Prevention is better than cure

Software is always changing with each update it receives. As Howell puts it, “New features are added and existing functionality is improved. With every change comes the risk of breaking something else, and the only way to know is to test.”

While the most effective way to test for security is to infuse it into the development process, it is still hard to measure, and it’s often the first thing that developers skimp on when deadlines are around the corner. Knowing that all code and every app has flaws, it’s best that you take protective measures yourself by ensuring your phone is secure from any threats at all times.