Smashing Security #171: WhatsApp hoaxes, Zoombombs, and 8-bit love

Blackmailers are threatening to infect your family with Coronavirus, trolls are making Zoom an unsafe place for those of a sensitive disposition, and what is the mysterious Dr Negrin audio message spreading on WhatsApp?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.


Free Netflix pass because of Coronavirus? It’s a scam

The public is being warned about fraudulent messages being shared on social media platforms that Netflix is offering free passes to its platform because of the Coronavirus pandemic.

Read more in my article on the Hot for Security blog.

The Dance of the Pope virus hoax

Friends don’t share virus hoaxes with their friends. They spend five minutes checking their facts before sharing poppycock on social media.

WhatsApp flaw gave hackers access to files from Windows and Macs

If you run WhatsApp’s desktop client on your Mac or PC then you would be wise to make sure it’s up-to-date, following the revelation that a security researcher uncovered a critical security flaw.

Jeff Bezos, WhatsApp, and Mohammed bin Salman – what you need to know

An investigation has concluded that Jeff Bezos’s smartphone was hacked after receiving a WhatsApp message from Mohammed bin Salman.

Read more about the background behind the story, and what we know so far.

How a GIF could let a hacker view your WhatsApp messages

A flaw in WhatsApp could have allowed hackers to snoop upon your chat history just by tricking you into opening a boobytrapped GIF image.

If you’re going to run WhatsApp, make sure that it’s properly updated.

Urgent! Update WhatsApp NOW to add new sticker support

Yes, you should update WhatsApp.

But not for the reasons they’re telling you.

Scammer posed as actor Jason Statham to steal from fan

A British fan of actor Jason Statham was fooled into thinking she had formed an online relationship with the Hollywood hard man, after joining a Facebook fan page for the “Fast and Furious” star… and ended up losing hundreds of thousands of pounds.


WhatsApp users targeted by homoglyph attack peddling free tickets to theme park

Many WhatsApp users would probably view the message as innocent enough, appearing to offer free tickets to Britain’s Alton Towers theme park. But in truth they are being targeted by fraudsters deploying a homoglyph attack.

Read more in my article on the Tripwire State of Security blog.

Delete all your emails and acid wash your hard drives, says security expert Sean Hannity

Some people don’t know if you should trust the media anymore, with accusations of fake news flying here, there, and everywhere.

Which makes me wonder who can you trust for computer security advice? How about a TV host?

End-to-end encryption doesn’t stop the FBI reading your messages. Just ask Paul Manafort

End-to-end encryption is really neat, but it only encrypts *between* those who are doing the communicating.


Text bombs and ‘Black Dots of Death’ plague WhatsApp and iMessage users

Please don’t be tempted to try any of these text bomb attack out on anyone else, even as a prank. It’s simply not funny.

Read more in my article on the Hot for Security blog.

Did hackers lead warplanes to Syrian hospital after targeting British surgeon’s computer?

BBC Newsnight broadcast phone number of surgeons working in war-torn Aleppo… and then the hospital was bombed.


WhatsApp flaw could allow anyone to sneak into your private group chat

Don’t panic, as it’s not an attack that is at all easy to pull off. Still, let’s hope that WhatsApp responds appropriately to the researchers’ findings, and eliminates this security hole entirely.

Read more in my article on the Tripwire State of Security blog.


Think you deleted that embarrassing WhatsApp message you sent? Think again

if there’s one thing we should all have learnt from our years on the internet it’s this – once you say something somewhere, it’s very hard to take it back and pretend it never happened.

Read more in my article on the We Live Security blog.


Fake WhatsApp app tricked over a million users

Google Play has suffered another failure, as over one million users have been duped into downloading a fake version of WhatsApp made available in the official Android app store.

Read more in my article on the Hot for Security blog.