Beware: A new bug has made Whatsapp Web very dangerous for your computer

Ever since Whatsapp rolled out their web-based client, it open a world of convenience in accessing the platform without having to use the phone. From their 1 billion active users, nearly 200 million access Whatsapp using this Web interface. However a recent bug discovered in the Web app leaves the target computer open to attack--all a user needs to do is accept a vCard request.

In a recent discovery, security firm Check Point uncovered the ability to compromise a user’s computer via the app, using a simple malicious phishing code. This relates to the way WhatsApp Web processes a vCard--the file format typically used to exchange contact entries between phones. By injecting malicious code into a typical vCard file, all that a potential hacker needs to do is have the recipient accept the vCard. When opened, the vCard turns out to be an executable file that could contain anything from a bot to ransomware to other types of malware that could wreak havoc on the target computer.

Fortunately, since this vulnerability was discovered and made known to the Whatsapp team last last month, the loophole has been patched.

If you happen to use WhatsApp, ensure that you update the app on your mobile device immediately in order to receive the latest patched version. Also as a rule of thumb, as applies to any Web app that has the ability to receive files, only accept file transfers that you are in fact expecting, and that you are absolutely certain of the authenticity of the person transferring it.