A group of researchers Israeli company revealed weaknesses in communication applications on top of Alwats August, as well as the application of "telegram" which is considered the most famous applications in the field of communication in the smartphone .tava these vulnerabilities exist in their own versions of these applications on the web or desktop , and confirms the existence of these gaps is the leaked documents by the WikiLeaks website in recent weeks, which showed that the US could the national security agency to spy on everything that is written by the user in these applications even before it was sent.
Just take advantage of the NSA own smartphone operating system in order to circumvent the encryption in these applications, the researchers confirmed that these new gaps where the browser version of exploiting the computers for capturing and penetrating accounts of people in these applications.
And on what it seems, the web version of the application Alwats August works reflector for messages sent and received by the user, hence the new gap emerged .walta if exploited by hackers, it is quite possible for them to simulate all the victim's action of sending and receiving messages, sound, images and video. etc.
But how the breach happen?
The process of penetration in Allowazb occur when the receiver image through a group or a private message this image be mined Bshifrat malicious, and when the victim opened this image through the browser on the computer is the attacker has gained access to the private files of the application of internal storage device!
The process shown in this illustration
After that, however, does not stay a few steps away full control of the account, and serious about it, he could bring the attacker to send the message to the victim own contacts and so can the largest number of accounts.
If you are more details and explanation of the largest of this process you can click here
0 Comments