A recent update on the Whatsapp web-based version has fixed a glitch that allowed hackers to fool the users into executing few lines of code in their machine.
Once the code, contained within a vCard, was executed in the host machine, it was capable of dispensing bots, ransomware RATs and other malware.
The sent file bares resemblance to a normal vCard message but was an executable file. The issue was discovered by Check Point security researcher Kasif Dekel and was notified to the Whatsapp security team on the 21st of last month.
What was alarming is the fact that any user had the capability of creating such a contact without the help of hacking tools.
Inadequate filtering of the contact cards caused the issue. Whatsapp have gone on to update their web app. To ensure that you don’t run the risk of downloading a malware, update the Whatsapp web application.