We recently heard of a highly targeted attack in which users in Southeast Asia were taken for a ride through a combination of Wi-Fi router hacking and malicious apps. And we have also seen instances of fake WhatsApp apps that snoop on your phone and data.
Now, independent cybersecurity researcher Rahul Kankrale has identified a method to steal anyone’s IP address over WhatsApp. It works by getting potential victims to click on a link sent as a WhatsApp message. The link appears without a preview, unlike regular links on WhatsApp, and exploits our natural instinct to click on any “mysterious” link we receive.
In a Medium post, Kankrale writes, “Simple PHP code can disclose WhatsApp users’ IP and app version and save disclosed information to attacker’s server.” He added: “When link preview generated you can see IP get captured and same time this IP write over log file on attacker’s server.”
Kankrale informed WhatsApp and Facebook, but the company did not respond positively and said that fixing the bug would require disabling link previews, which are handy for users. If you wish to avoid falling prey to the flaw, we highly recommend being wary of links received on WhatsApp. Do not click on links from unfamiliar-looking domains, especially when there is no preview. Pay attention to the URL even if the link came from a trustworthy source or shows a preview.
Attacks like these could be used to target users who are not very aware of how current cyber attacks work, so it is wise to spread awareness about these rogue elements trying to steal your data. The exposed IP address could be used for further phishing and email scams or more serious attacks.