Despite WhatsApp and Telegram encryption, files can be hacked when saved on phones


Instant messaging services like WhatsApp and Telegram may boast encryption when messages are in transit; however security researchers warn that files could be compromised when being saved onto the phone.

Symantec researchers say the issue comes from saving media, like image or audio files, to external storage which is accessible by other apps.

It points out that WhatsApp does that by default while Telegram does so when its Save to Gallery feature is enabled.

The Verge reports that this design means malware with external storage access could access WhatsApp and Telegram media files, even before the user sees said files.

This essentially means a hacker can manipulate a file on a compromised phone between the time the user downloads the file and opens it. This could also happen in reverse with outgoing files being altered.

The researchers call the attack Media File Jacking.

The issue has been brought up by security firms before, highlighting the privacy versus accessibility trade-off, where using external storage makes apps more compatible with others but opens users to more security risks.


A WhatsApp spokesperson told the Verge that changing its storage system would limit the service's ability to share media files and instead introduce new privacy issues.

"WhatsApp has looked closely at this issue and it's similar to previous questions about mobile device storage impacting the app ecosystem," the spokesperson said in a statement.

"WhatsApp follows current best practices provided by operating systems for media storage and looks forward to providing updates in line with Android's ongoing development."

Telegram did not immediately respond to the Verge's request for comment.