How to read all correspondence in what’s app with the virus?

How to read all correspondence in what’s app with the virus?

It all starts with the hacker creating a malicious html file with a preview image:

.

WhatsApp web client saves allowed document types in client variable W [“default”]. DOC_MIMES This variable stores the allowed Mime types used by the application.

.

Since the encrypted version of the document is sent to WhatsApp servers, a new type of Mime can be added to this variable, such as “text / html”, to bypass the client’s restriction and upload a malicious HTML document.

.
After adding a malicious document URL to a client variable, the client encrypts the content of the file using the encryptE2Media function, and then uploads it encrypted as BLOB to the WhatsApp server.



.

Moreover, changing the document name and extension and creating a fake preview by changing client variables will make the malicious document more attractive to the victim.

This is the result:

.

Once the victim clicks on the file, she will see a funny cat under the object blob, which is the object html5 FileReader under web.whatsapp.com. This means that the hacker can access resources in his browser under web.whatsapp.com.

.

By simply browsing through the page without clicking on anything, the local victim storage data will be sent to the hacker, allowing him to take over his account.

The hacker creates a JavaScript function that will check every 2 seconds if there is new data in the backend and replace its local repository with the victim.

Part of the hacker’s code:



.

The hacker will be redirected to the victim’s account and can access it.

.

.
The WhatsApp website does not allow a client to have more than one active session at a time, so after the hacker steals the victim’s account, the victim will receive the following message:

.
You can redesign this code by adding JavaScript code as follows:

.
A malicious HTML file that will cause the client’s browser window to get stuck and allow the hacker to manage the account without interference, although the hacker will connect to the victim’s account until the victim logs on to the account. Closing the browser will not cause the hacker to log out of the account, and the hacker will be able to log into the user’s account for as long as he wants!

Works for the browser version.



WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


13 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: