Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Subscribe











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Malware Update

Kaspersky Comment: WhatsApp joinable calls

July 2021 by Victor Chebyshev, Lead Security Researcher, Kaspersky

Following news that WhatsApp has launched a ‘joinable calls’ feature, allowing people to participate in a call once it’s already started, please see below commentary from Kaspersky around the risks this new feature brings.

“WhatsApp is the most popular messenger in the world, with billions of users. It offers strong functionality with various ways of communicating; for example, group calls for up to eight people proved to be very popular during periods of self-isolation and lockdown – not only for WhatsApp, but other messaging systems too. Until recently, if a group call in WhatsApp had already begun and an intended participant, for one reason or another, could not join at the start, it was not possible to connect later. The situation has now changed, and developers have added the ability to join an ongoing conversation. The same function is also available in the corporate messenger application Microsoft Teams.

“From a security point of view, being able to join a call already in progress increases the risk of eavesdropping. The bottom line is that if an attacker is in a WhatsApp group, it won’t be difficult for them to connect to a call. All they have to do is wait until most of the participants have started and then hope that they can join unnoticed. The attacker also doesn’t need to sit and wait for the start of the call, as they connect at any time. It is however worth noting that members of the group – especially the administrator – can keep track of participants and ensure that outsiders are not joining. Also, the messenger application itself guarantees the privacy of data exchange in the group through the use of end-to-end encryption. Thus, neither the app itself, nor the people trying to organise a man-in-the-middle attack, will be able to intercept either group correspondence or calls, including group calls.

“To date, most of the malicious software has focused on intercepting archived WhatsApp messages and online dialogues, and we have not yet encountered any interception of calls, let alone group calls. Nevertheless, if a device is infected, it is highly likely that the Trojan will have the ability to record the device microphone and camera – enabling attackers to eavesdrop on any conversations, regardless of the communication channel used, be it an instant messenger or a regular call on a mobile phone.” – Attributable to Victor Chebyshev, Lead Security Researcher, Kaspersky


See previous articles

    

See next articles












Security Vulnerability

Toutes nos news en Francais

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Cyber Security Security Vulnerability Malware Update Diary Guide & Podcast TRAINING Jobs CONTACTS Contact About Mentions légales identifier ADMIN

Global Security Mag Copyright 2011