Wednesday, August 4

A failure in WhatsApp would expose the IP of users | Digital Trends Spanish

A serious vulnerability has been detected in WhatsApp, the most widely used messaging app in the world, which could allow users to easily find out the location and IP address of users.

The vulnerability has been reported in the software repository GitHub by the user bhdresh, who explains that by filtering the IP addresses of the Facebook and WhatsApp servers from the destination hosts files, the IP address of the WhatsApp user can be obtained without their knowledge.

As explained from ADSLZone, this flaw works even in the latest version of the app and could allow criminals to know the public IP addresses and the approximate location of users and with them, follow their movements by creating a history of locations. The site clarifies that for the attack to be carried out it is necessary for the user to have their mobile phone connected to the same WiFi network as the attacker’s computer. In this way, it is possible to activate the script that bhdresh has published in its report and when calling any WhatsApp contact of the user it is possible to know their IP address.

The user informed Facebook of the vulnerability in October 2020, but according to the company, it did not recognize the failure and classified it as functioning within expectations. Facebook recommends that users limit calls to trusted users or use a VPN to limit vulnerability, but at no point do they signal their intention to patch the flaw.

Editor’s Recommendations

var stage = decodeURIComponent(0); var options = JSON.parse(decodeURIComponent('')); var allOptions = {};

if (stage > 0 && window.DTOptions) { allOptions = window.DTOptions.getAll();

Object.keys(options).forEach(function(groupK) { if (options[groupK] && typeof options[groupK] === 'object') { Object.keys(options[groupK]).forEach(function(k) { if (!allOptions[groupK] || typeof allOptions[groupK] !== 'object') { allOptions[groupK] = {}; }

allOptions[groupK][k] = options[groupK][k]; }); } }); } else { allOptions = options; }

var getAll = function () { return allOptions; };

var get = function (key, group, def) { key = key || ''; group = group || decodeURIComponent('qnqb92BhrzmkpqGx'); def = (typeof def !== 'undefined') ? def : null;

if (typeof allOptions[group] !== 'undefined') { if (key && typeof allOptions[group][key] !== 'undefined') { return allOptions[group][key]; } }

return def; };

var set = function (key, group, data) { key = key || ''; group = group || decodeURIComponent('qnqb92BhrzmkpqGx'); data = data || null;

if (key) { if (typeof allOptions[group] === 'undefined') { allOptions[group] = {}; }

allOptions[group][key] = data; } };

var del = function (key, group) { key = key || ''; group = group || decodeURIComponent('qnqb92BhrzmkpqGx');

if (typeof allOptions[group] !== 'undefined') { if (key && typeof allOptions[group][key] !== 'undefined') { allOptions[group][key] = null; } } };

window.DTOptions = { get: get, getAll: getAll, set: set, del: del, }; }());

Leave a Reply

Your email address will not be published. Required fields are marked *