Apps like WhatsApp and Telegram are known for strongly encrypting the messages in transit. However, they might not be able to keep files safe once they reach your phone. Researchers from Symantec reveal how hackers could use a malicious app to subtly alter media files sent through the services.
On Android phones, apps can choose to save media, like images and audio files, through either internal storage that’s only accessible through the app, or external storage which is more widely available to other apps. By default, WhatsApp stores media through external storage, and so does Telegram when the app’s “Save to Gallery” feature is enabled.
According to the researchers, this design allows malware to access WhatsApp and Telegram media files stored in external storage, maybe even before the user sees them. A hacker could theoretically alter an outgoing multimedia message as well. This type of hacking attack is called “Media File Jacking”.
While Telegram didn’t immediately respond to a request for comment. A WhatsApp spokesperson said changing its storage system would limit the service’s ability to share media files.