Telegram founder Pavel Durov again lashed out at the competition: the target again was the WhatsApp messenger. The post is aimed at a worldwide audience, as it is posted in Durov’s English-language account.
- Durov recalls that back in May, he warned that new critical vulnerabilities in WhatsApp would appear regularly. Indeed, recently the “Hole” was found in the implementation of the video in the messenger: “all that a hacker needs to do is send you a video, and all your data will be in his power.”
- In his opinion, Facebook tried to mislead the public by claiming that “there is no evidence of the use of the vulnerability by hackers”. There is no evidence simply because WhatsApp does not store videos on its servers, but sends them to Apple and Google, mostly in unencrypted form, Durov explains.
- He claims that a vulnerability of this magnitude was most likely found by attackers – as well as the previous one, through which they were attacked “too naive to believe WhatsApp, human rights defenders and journalists.”
“There is growing evidence that WhatsApp is a trap for simpletons who still trust Facebook in 2019. In principle, you can assume that in WhatsApp applications every few months accidentally appears a critical vulnerability. But I doubt it – with Telegram, an application of similar complexity, we have not had such problems since the launch six years ago. It is very unlikely that it is possible to accidentally and regularly allow gross violations of the security protocol, moreover, they are so convenient for espionage.”
“Regardless of the parent company’s intentions, what is the advice to WhatsApp users remains the same: if you don’t want anyone to read your photos and messages, remove WhatsApp from your phone.”
A new critical vulnerability is due to an error in the implementation of the video container in WhatsApp: by sending a specially configured malicious file, the hacker is able to run his code on the user’s device. The “Hole” is closed in the latest versions of the app.
The previous major vulnerability is related to the voice call implementation error and that also allows you to execute malicious code or even install spyware on your smartphone. You don’t even need to answer a malicious call to do this. It is known that this vulnerability was exploited by the Israeli company “hired hackers” NSO Group, and more than a hundred of its “targets” were civil activists. Facebook sued her.
This is not the first time Durov has spoken badly about WhatsApp. In May, he said that “every time WhatsApp needs to eliminate a critical vulnerability in an application, a new one appears in its place”, and a year before he accused Facebook that its applications can not be safe fundamentally because it “puts profit growth above the interests of its users.”