What's up with WhatsApp? Israeli firm uncovers security breach in popular messaging app

Check Point: To target an individual, all an attacker needs is the phone number associated with the account.

September 8, 2015 18:24
1 minute read.

Icons of messaging applications WhatsApp of Facebook (L), Laiwang of Alibaba Group (C) and WeChat, or Weixin, of Tencent Group. (photo credit: REUTERS)


Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief


Check Point, an Israel-based security firm, discovered a software vulnerability in the WhatsApp messenger Internet platform,  the company reported on Tuesday.

The popular smartphone messaging app introduced it's Internet platform, WhatsApp Web, earlier this year for use on Windows and Android phones. The service was also made available to iPhone users last month. The Internet platform allows the user to send and receive messages in a similar manner to the smartphone application.

Be the first to know - Join our Facebook page.

The WhatsApp Web platform has a software vulnerability that could allow hackers to compromise computer systems by downloading malware including  ransomware, bots, and remote access tools onto the user's PC, Check Point stated.

"To target an individual, all an attacker needs is the phone number associated with the account."

Whatsapp allows users to download any media that can be sent as an attachment including photos, videos, audio files, locations and contact cards.

The vulnerability was essentially created due to improper filtering on contact cards. Attackers could infiltrate a PC by sending a seemingly innocent contact that "most users would click immediately without giving it a second thought," said Check Point.

Clicking on the contact card instantly downloads a file that immediately runs on the computer in use.


Check Point discovered the vulnerability in the software and reported it directly to WhatsApp.

"WhatsApp has verified and acknowledged the security issue and has developed a fix for web clients worldwide," reported Check Point.

Last week WhatsApp announced they had reached 900 million active users a month. Check Point estimated that at least 200 million people use the WhatsApp Web interface.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

Workers strike outside of the Teva building in Jerusalem, December 2017
December 18, 2017
Workers make explosive threats as massive Teva layoff strikes continue