According to WikiLeaks, the government organizations are able to compromise Telegram, WhatsApp and other end-to-end encrypted applications. However, this has not been proven yet, but there are already many end-users who are concerned if the Telegram and WhatsApp end-to-end encryption feature is able to guarantee user privacy.
We remind you that this encryption was designed to ensure that only the people communicating with each other can read the messages and nobody else. At the same time, a severe vulnerability has been discovered on Telegram Web and WhatsApp Web, which is the way that you are able to connect to your Telegram and WhatsApp account from your computer via the browser.
In other words, Telegram Web and WhatsApp Web features are “mirroring” messages sent and received by the user, which can be quite insecure. If this vulnerability will be exploited, it will allow the hackers to completely take over users’ accounts on any browser and access the victims’ private and group conversations, videos, shared files, photos, contact lists and more.
The hacker would have to just send an “innocent” looking file to the victim, which contains a malicious code. The file is modified in a way that it will make the user believe that it is a legit file without anything bad in it.
Once the user taps on the image and opens it, the malicious code will allow the hacker to access the local store of the mobile device, where user data is stored. In Telegram, the user will have to tap again on the file to open it in a new tab, which means that the users of this application will have to do a little more until the hacker will gain access to their devices.
To make things even worse, once the hacker gains access to your device, it can send the malicious file to all the victim’s contacts, which will lead to a “domino” effect, getting millions of users infected very fast.
How secure do you think that Telegram and WhatsApp are?