Maybe you heard about it last week. A leak in WhatsApp web allowed attackers to spread malware my sending infected vcards via WhatsApp web. These vcards were automatically opened by the web browser. This had the effect that computers with WhatsApp web could become infected. Last august, WhatsApp already offerend an update that resolved the leak. It is not clear how many computers were infected.
In addition to photos, videos and locations, it is also possible to send so-called vcards via WhatsApp. Normally there is nothing wrong with such vcards. It is a convenient way to send contact information of someone. But because of the leak in WhatsApp Web, attackers used these vcards in an incorrect way. Several security researchers discovered that it was relatively easy to include malware in a vCard. WhatsApp did not check whether these vcards included malware. Browsers just opened the malware which could have negative consequences. The attackers only needed a mobile phone number. Because you can send anyone a WhatsApp message if you have access to his/her phone number.
Safe use of WhatsApp
Right now, anyone can use WhatsApp without worrying about this issues. WhatsApp came with a proper solution at the right time. There are not many known cases of aggrieved users. But this doesn’t mean you shouldn’t be careful with using WhatsApp. Always be on your guard. Especially when you receive messages or files from unknown senders. Also check blogs like this to see if you are using WhatsApp in a safe way. Also make sure that you are always using the latest version of WhatsApp. This way, you reduce the chances that you become the victim of such kind of actions.