Dangerous Flaw in WhatsApp Web: vCard Vulnerability

Dangerous Flaw in WhatsApp for Web Version. Hackers can easily hack your device and inject malware.

Around 900 million People active users out of which 200 million users are at Risk.

The Vulnerabilities were discovered by security Researcher Kasif Sekel at Checkpoint which allows attackers to tale benefit of v Card contact card format to malware's to non-tech (unsuspected) users.

WhatsApp Web is a technology that replicates the WhatsApp mobile app experience within a web browser. The web interface allows users to view and respond to text messages, videos etc.

This Web based version of WhatsApp has a vulnerability to an exploit that allow hacker’s (through Social Engineering) to install malware on their machine.

Hackers would just send them a small, apparently innocent contacts file — which, when opened, would allow hackers to run malicious code and leave them open to being hit by code that could take control of their computer, viewing what they are doing or spread viruses.

Working of What-app Exploit

Hackers only need to know the victim's Phone number associated with WhatsApp web account.

• An apparently tamed v Card (Contact Number) is send to the victim. The v Card riddled with a malicious code.
• The victim who launches that executable file will be infected with that malware.
• The contents of malware contains Ransom ware, bot-nets, RAT (Remote access Tools) and other malicious code. 

 What it does?       

• Get complete access of the victim's machine.    
• Monitor user activities
• Spread Malware's

Need not worry Fix is Ready

All versions of WhatsApp Web after version 0.1.4481 already contain the fix for the vulnerability.

Download Updated version

RaaS

RaaS(Ransom-ware as a Service)

Ransomware as a Service is a ransomware very similar to Tox. Ransomware is a type of virus which will infect target computer, encrypts their files and will not decrypt until victim's will not a pay an amount of Money(Ransomware) most often in Bitcoins.

The company McAfee has highlighted a service offered on the Tor network: Tox is as a site offering the ransomware as a service.

RaaS is a ransomware creation tool, which allows to design ransomwares. Cyber criminals have to enter their BitCoin address and the payment that they want the ransomware to demand from the victims.
it is created for hackers to easily design encrypting ransomware payloads to distrube from their botnets.

Hackers can create his/her own Ransomware with in Few steps on Tox Website.


TOX

It is a tool kit which is designed for nontech users to spread this ransomware.

The developers of this software makes money by taking a 20% of any successful social engineer's attack.

Steps to Create your own Ransomware

1.  Create an account on tox website without any email address and other identifiable information.
2.  A user then types in the ransom amount they want to ask for, an additional note  such as the name of the target, and add captcha and click “Create”.

How to Identify these types of Ransomwares?

These type of Ransomwares generally come in the email Campaigns through Social engineering attacks.

You can see it in your Emails and genrally they uses fake word icons and having .scr extension.This file is around a size of 2 MB.

Once a Victims open this .scr file provided in an Email, The paylod will encrypt all the data on their system and decrypts only when if a Bitcoin payment is made.

How To Get rid of and Protect themselves from this Ransomware?

1. Don't fell in to these Kind of Social Engineering attacks. Before Running the attachment check for the Extensions first(is it a .scr, .exe).

2. Backup Your Data. if you have unfortunately executed it and having your Data Backup. You are safe from paying Ransom.