Here’s How to Find if WhatsApp Web Code on Your Browser Has Been Hacked

News

Meta Platforms’ WhatsApp and Cloudflare have banded together for a new initiative called Code Verify to validate the authenticity of the messaging service’s web app on desktop computers.

Available in the form of a Chrome and Edge browser extension, the open-source add-on is designed to “automatically verif[y] the authenticity of the WhatsApp Web code being served to your browser,” Facebook said in a statement.

Automatic GitHub Backups

The goal with Code Verify is to confirm the integrity of the web application and ensure that it hasn’t been tampered with to inject malicious code. The social media company is also planning to release a Firefox plugin to achieve the same level of security across browsers.

The system works with Cloudflare acting as a third-party audit to compare the cryptographic hash of WhatsApp Web’s JavaScript code that’s shared by Meta with that of a locally computed hash of the code running on the browser client.

WhatsApp Web Code

Code Verify is also meant to be flexible in that whenever the code for WhatsApp Web is updated, the cryptographic hash value will be updated automatically in tandem, so that the code served to users is certified on the fly.

Prevent Data Breaches

WhatsApp, in a separate FAQ on the latest security feature, emphasized that “the extension won’t read or access the messages you send or receive, and we won’t know if you have downloaded the extension.” The add-on will also not log any data, metadata, or user data, and doesn’t share any information with WhatsApp, it noted.

“The idea itself — comparing hashes to detect tampering or even corrupted files — isn’t new, but automating it, deploying it at scale, and making sure it ‘just works’ for WhatsApp users is,” Cloudflare said.

Products You May Like

Articles You May Like

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
PyPI Revival Hijack Puts Thousands of Applications at Risk
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
TfL Admits Some Services Are Down Following Cyber-Attack

Leave a Reply

Your email address will not be published. Required fields are marked *