Non classé

Watch out for WhatsApp pink: the update is a virus that is taking control of your phone

WhatsApp messaging users are the object of a malicious attack through a « pink » version of the application which is none other than a virus.

A message has been sent in recent days to many WhatsApp messaging users offering them to switch from green to pink.

A flirtatiousness that could have serious consequences since this update runs the risk of installing a virus that will take control of your phone. 

It was researcher Rajshekhar Rajaharia who launched the alert on Twitter: « Beware of WhatsApp Pink! A virus is spreading within WhatsApp groups with an APK download link. Do not click on a link with the name #WhatsappPink. Full access to your phone will be immediately lost.  » 

The virus will take control of your phone but, above all, it will allow hackers to recover your personal data including bank details.

If you have installed the application, a solution, uninstall it as soon as possible, unlink all Whatsapp web devices, clear your browser cache, check the permissions of all your applications, if one seems suspicious, cancel this authorization.

As a reminder, you should never install APK files directly on your phone but favor downloads directly from platforms such as Google Play Store or Appel Store.

Non classé

WhatsApp: A new scam can steal your account

Be careful for WhatsApp messaging users, a scam can deprive you of access to your own account. For the moment, these attempted thefts have been observed mainly among English-speaking users.

How do hackers work? When a user creates their account or installs the application on their phone, they receive a message from WhatsApp giving them a 6-digit code to activate the application. But it also works when users want to “recover” their account.

Fake message

Immediately afterwards, he receives another message from a loved one who alerts: “Sorry, I mistakenly sent you my 6-digit security code. Can you transfer it to me please. It’s urgent ! « .

Except that it was the hackers who hacked your loved one’s account to send this message. If you send him the code, the scammer will be able to install WhatsApp with your number on his own phone. You will no longer have access to your account.

To prevent this account theft, WhatsApp offers to activate two-step verification, which helps strengthen security.

Non classé

Why Signal’s latest idea might backfire


Is the Signal instant messaging app putting its finger in a gear that may overtake it? This is the opinion of some observers, specialists in computer security, after having read the latest initiative of the service , which is still at an experimental stage. Indeed, in the United Kingdom alone, Signal is exploring a payment service called Signal Payments.

“  We want payments in Signal to be fast, private and work well on mobile devices,  ” IM said in an April 6 blog post. And to begin with, the application continues, it is on MobileCoin that it bets. It is a cryptocurrency which, as the name suggests, is thought to be used like digital money on the smartphone.

According to the presentation, MobileCoin includes near instant transactions, in less than ten seconds. It also offers features to easily restore its currencies (MobileCoin currency is called MOB), including in the event of loss of the mobile. Finally, it claims to be eco-responsible: it claims to be much more economical in electricity than other cryptocurrencies, which require energy to operate .

But the specificity that concerns today is its level of confidentiality.

MobileCoin is pleased that  »  the whole ledger [which allows to keep a trace and to follow the transactions with MOB, note] is opaque, the individual transactions are protected by cryptography and the network uses the persistent confidentiality  « . This process prevents the confidentiality of past exchanges from being questioned, even if its cryptography would be compromised.

However, it is precisely the high degree of anonymity that alarms, because in the eyes of some commentators, this could backfire not only against Signal, but also against end-to-end encryption in general. This is what Bruce Schneier, a specialist in computer security and cryptography, argues, in a blog post that was published on April 7. He especially fears the reaction of the authorities.

An unfavorable development for encryption?

“  I think that’s a terribly bad idea. […] The addition of a cryptocurrency to an end-to-end encrypted application blurs the morality of the product, and invites all kinds of government investigations and regulatory interference  , ”anticipates Bruce Schneier. He cites haphazardly the FBI, the tax services, the stock market regulator or even anti-money laundering agencies.null

“  I don’t see any good reason to do this. Secure communications and transactions can be separate applications, or even separate applications within the same organization. End-to-end encryption is already at risk. Signal is the best app we have. Combining it with a cryptocurrency means that the whole system dies if one part dies  ”.

Bruce Schneier’s fears over end-to-end encryption are not a figment of the imagination. As recalled in early March the Electronic Frontier Foundation , a key organization for the defense of digital freedoms, the boss of the FBI again demanded before American parliamentarians a backdoor on end-to-end encryption services, in the name of the fight against crime and terrorism.Leading cryptographers are concerned about the measure’s effects on end-to-end encryption. // Source: Facebook

The request from the current FBI boss is not new: Similar calls were made in 2017 , 2018 and 2020 , to take just a few examples. And this is not a debate specific to the United States: it also exists in France, as evidenced by the regular comments of the former public prosecutor François Molins, certain parliamentary initiatives and the reflections at the level of the government , or in Europe. .

Supporters of end-to-end encryption are already struggling to resist the assaults of those who wish to reduce it, to legitimately fight against crime, child pornography, terrorism and trafficking of all kinds. The arrival of payments will give another pretext to regulate these messaging services, in the name of the fight against mafia financing and money laundering.

In summary, this is Bruce Schneier’s analysis. And he’s not the only one to think so. In Wired , Matthew Green cryptography professor said equally concerned  »  signal as encrypted messaging product is really valuable. […] It terrifies me to see them mix up their history with the legislative and regulatory hell of cryptocurrencies and the vulnerabilities that go with it.  « 

Chance of the calendar, a decree appeared in the French Official Journal on April 4 on a similar theme. It focuses on the fight against the anonymity of virtual assets and anonymous electronic currencies. It provides for a tightening up of the national system for combating money laundering and the financing of terrorism. This decree updates a number of legislative provisions.

Thus, the text “  clarifies the ban on the use of anonymous electronic money for the purchase of digital assets. It also imposes on providers of digital asset services an obligation to identify their customers prior to any occasional transaction  ”. In addition, “  it determines the procedures for verifying the identity of customers […] when entering into a business relationship.  « 

A risk for the moment limited?

Obviously, these issues did not deter Signal from moving in this direction. In any case, the announcement note does not mention it. The mobile app just welcomes explaining that it does not have access to the balance, full transaction history or funds, and that these funds can be transferred at any time to another service or app. .

One thing is certain: the choice of MobileCoin probably owes nothing to chance. Beyond its technical peculiarities, it turns out that the American behind Signal , Moxie Marlinspike – a pseudonym – has served as a technical advisor since the creation of MobileCoin in 2017, and that he was paid for it. He contributed to the technical design of cryptocurrency. However, he assures that he does not have any.Moxie Marlinspike, creator of Signal. // Source: John S. and James L. Knight Foundation

MobileCoin is based on Stellar blockchain technology. This is not based on proof of work – that is, computer calculations to be made – but on a particular type of consensus . This orientation explains why transactions are carried out more quickly, without a heavy energy footprint, by avoiding calling on all the nodes of the network to validate the exchanges, but only a part, some of whom are trusted.

Currently, MobileCoin has been trading on the FTX marketplace since December 2020. The peculiarity of FTX is that it does not allow transactions from US users, which can keep US regulators at bay. But Signal suggests a possible deployment in other marketplaces. And at Wired, a project member suggests arriving in the United States. But it might, in the meantime, frown some eyebrows in others. For example, in the UK, where testing is starting.


Non classé

Mark Zuckerberg uses Signal

One of the Signal users is Mark Zuckerberg, CEO and founder of Facebook. The billionaire’s phone number was indeed discovered in a huge data breach at Facebook. After entering the number into the Signal app, a computer security expert realized that Zuckerberg was well listed among rival messaging users of WhatsApp and Messenger. 

A few days ago, Alon Gal, head of cybercrime intelligence firm Hudson Rock, discovered a database containing confidential information on 533 million Facebook users . This data was recovered during a hack into the social network. 

This database includes in particular the Facebook identifier, the full name, the date of birth, sometimes the e-mail address, the gender, the date of creation of the account, the place of residence or the telephone number. Among these hacked numbers is the phone number of Mark Zuckerberg , CEO and creator of Facebook.

Mark Zuckerberg is on Signal, the messenger that overshadows WhatsApp and Messenger

Zuckerberg’s phone number was spotted by computer security researcher Dave Walker. On his Twitter account, the expert explains that he discovered the phone number while browsing the database, which appeared on several hacking forums. Other leaked data, including the anniversary date, confirms that it is indeed the founder of Facebook and not a namesake.

Out of curiosity, Dave Walker entered the phone number into the Signal messaging app, a competitor app to WhatsApp and Facebook Messenger. Zuckerberg’s number is well linked to a Signal account. “Mark Zuckerberg also respects his own privacy by using a chat app that has end-to-end encryption and doesn’t belong to Facebook,” laughs Dave Walker.

This discovery is all the more funny since Signal is one of the direct competitors of Facebook Messenger and WhatsApp . Users scalded by Facebook’s privacy practices are turning overwhelmingly to Signal , a messenger that boasts of not collecting user data. Advised by Edward Snowden, the messaging service simply retrieves the telephone number of its users.

If this leak proves that Mark Zuckerberg does have an account on Signal, there is no indication that he is actively using messaging. We imagine that the computer scientist could have installed Signal in order to take a look at the competition.

Non classé

WhatsApp will offer customization options for its interface in the hope of keeping its users

WhatsApp is indeed testing a new feature allowing users to customize the colors of the application

The application has lost a large number of users due to its new policy of sharing personal data

A few weeks ago, WhatsApp saw its user numbers skyrocket following its announcement to share certain personal data with Facebook , creating an exodus of its users to Signal . Since then, the messaging application has multiplied its attempts to reconnect with its users via information campaigns or new features and it seems that this continues. According to WABetaInfo , WhatsApp is indeed testing a new feature allowing users to customize the colors of the application.

It is in particular a question of modifying the color of the text, but also of certain icons. Nothing revolutionary, but this aesthetic change shows that Facebook – parent company of WhatsApp – wants to offer more customization options to its users. One way to make the app more user-friendly and to involve members more.

European users protected by the GDPR

Will Facebook manage to make people forget the bad press that WhatsApp has been suffering from for a few weeks with such a feature? Hard to say. From May 15, WhatsApp users will still be forced to accept the new policy of sharing certain personal information between the messaging app and Facebook, at the risk of no longer being able to use all of WhatsApp’s features. .

Remember that the change in WhatsApp data usage policy is less important in Europe. The GDPR protects user data and prevents its commercial reuse. WhatsApp will therefore not be able to share « European user data with Facebook in order to improve the group’s advertisements or commercial products, » a spokesperson for Facebook France said.

Non classé

WhatsApp warns users who do not agree to its terms that they will be logged out of the messaging

WhatsApp has established May 15 as the deadline for users to consent to the new privacy policy.

WhatsApp is not taking a break with the implementation of its controversial Terms of Service update. Over the past few days, the platform has sent out notifications warning users of the consequences they face if they do not consent, as the deadline for doing so approaches.

The company has given users until May 15 to agree to the new clauses. Although WhatsApp does not delete the accounts of those who do not follow this step, will be affected by limited functionality of the application.

“ Please accept these updates to continue using WhatsApp, ” read the reminders. “ WhatsApp will not delete your account. However, you will not have all the functionality of WhatsApp until you accept […] For a short time, you will be able to receive calls and notifications, but you will not be able to read or send messages ”, specifies the society.

In addition, in an attempt to calm people down, the platform indicated that it “ is implementing new ways to chat or buy via WhatsApp which are completely optional ”. She also recalls that “ personal messages will always be end-to-end encrypted, so that WhatsApp cannot read or listen to them ”.

The notice regarding the update that WhatsApp sent to users in early January sparked criticism and a massive leak of users to other messaging apps unhappy with how WhatsApp was going to share its data with parent company, Facebook. .

Non classé

WhatsApp. A dangerous virus spreads to the mailbox via a download link

WhatsApp instant messaging is the target of highly contagious malware.

Another virus? Yes. Very contagious. And dangerous – at least for your electronic devices. It is spread through a download link on WhatsApp instant messaging. 

Bad times for WhatsApp. After being criticized for its new terms of use , the famous instant messenger is now plagued by malware. A virus with formidable speed of expansion.

It was the cybersecurity researcher Lukas Stefanko d’Eset who raised the alarm. As he explains in the video below, once it has infected a smartphone, this virus automatically sends a tricked download link to received WhatsApp messages, in order to spread.

How? ‘Or’ What ? By impersonating Google Play and an official Huawei application. The download link refers in fact to a fake web page which has the exact appearance of the Google app store and offers to download a supposedly official Huawei app.

And this fake is so well done that you have to be a seasoned user to spot it.

Fake ads and fake pages

During the installation of this fake application, the latter asks to have important access rights.

Thanks to these, the malware will be able to display false advertisements,  but also false login pages to retrieve the identifiers of its victims.

Worse: when receiving a WhatsApp message, the virus will respond automatically with the « quick response » function. His response will consist of the famous tricked download link and the following message: « Download this application and win a smartphone ».

A simple message, but effective, capable of causing quite a few victims among less experienced users. Let us therefore recall here once again the basic rule: no link is clicked, received by email or by courier, without the absolute certainty that it was indeed sent knowingly by one of your contacts – and that this one to you. confirms unambiguously when you ask him the question.

Non classé

WhatsApp gives in on its policy, fearing the exodus to Signal


The policy update has been postponed. A real admission of weakness.

Last week there was a massive exodus to Telegram and Signal for WhatsApp users. At issue: a new privacy policy chosen by Facebook, giving access to instant messaging data to the social network of the same name. Today, WhatsApp announces in a press release that the change will ultimately not take place.

The week had been difficult for WhatsApp which had decided, first of all, to play it transparent with press releases explaining its protection of privacy and encrypted messages. The strategy had not worked, and Signal continued to see its number of users grow , with a first position in the ranking of the most downloaded applications.

As an admission of weakness, WhatsApp resolved to say no: its new policy will not be implemented. Not yet, in any case. The controversial update may arrive in three months depending on the announced postponement. We know there has been confusion and misinformation about this update, and we want to help everyone understand our principles and the facts,” his team said.

Give up, rather than procrastinate

The update affected all WhatsApp users. Each country where messaging is present is affected, and some of them have reacted strongly. This is the case with Turkey. The country’s competition authority has opened an investigation into Facebook and WhatsApp and is asking companies to stop this information-sharing effort altogether.

Giving up its implementation rather than just procrastinating, Facebook could be led to make the decision quickly. The current suspicions of monopoly conduct of GAFA could motivate him even more. The wave of departure of users looking for alternatives to WhatsApp like Signal is not to be overlooked either.

For the next few months, a lot of confusion will remain. WhatsApp’s new privacy policy was originally scheduled to go into effect on February 8. It will therefore be on May 15, if Facebook does not take other measures by then.

Non classé

Signal or whatsApp, what’s the difference?

Signal, the privacy-friendly messaging app, is emerging as WhatsApp’s main competitor. Downloads for this app rose 4,200% this week  after WhatsApp announced that its users should start giving certain data to its parent company, Facebook .

Here is a list of the main differences between the two encrypted messaging platforms to help you decide which one you will use.

Who owns WhatsApp?

In 2014, Mark Zuckerberg’s Facebook bought WhatsApp, co-founded by Brian Acton and Jan Koum, for $ 22 billion.

In 2014, Mark Zuckerberg’s Facebook bought WhatsApp, co-founded by Brian Acton and Jan Koum, for $ 22 billion. During the Cambridge Analytica scandal, the social network admitted that 87 million people could have accessed the data. WhatsApp’s own co-founders then turned their backs on the company.

Who owns Signal?

Brian Acton has injected $ 50 million of his capital into his rival app(Signal).

Signal is managed by the nonprofit Signal Foundation. Brian Acton and Moxie Marlinspike, CEO of Signal, co-founded this structure in February 2018. According to the Signal Foundation website, Brian Acton left Whatsapp after the acquisition of Facebook “due to differences in the use of customer data and targeted advertising ”. Management donated $ 50 million to start the Signal Foundation, and now sits on the organization’s board of directors.

Meredith Whittaker is the third member of the Signal Foundation board. She was a former Google engineer who helped organize the company and now defends the interests of workers in the tech industry.

How secure is WhatsApp?

Facebook cannot access chats due to end-to-end encryption, but the company can resell its users ‘data.Facebook has access to WhatsApp users’ phone numbers, IP addresses, mobile network, duration use of the application, payment data of its users, cookies and location data, Some users had chosen not to allow Facebook to access their personal data as of 2016.

But WhatsApp said if all users did not agree to share information by February 8, they would lose access to the app.

How secure is Signal ?

Signal indicates that it is not getting messages, groups, contacts, or profile information from its users. The only two pieces of information Signal collects are how long Signal was installed and when it was last installed. The company also opens the sources for all of its software, which means web users can see how the technician designed the software. application.

Signal has been recommended by many security experts, including Edward Snowden, Vice reporters, and The Intercept have also recommended using Signal over WhatsApp to ensure your messages stay private.

However, the application is not perfect. Security experts have warned of a new feature that allows users to recover data using a PIN code, which could potentially infringe on privacy. “The problem with this is that most people choose weak PINs.

Is WhatsApp easy to use?

WhatsApp appeals to more than two billion users with its ease of use and intuitiveness.The application is available on iOS and Android devices, and automatically synchronizes your phone contacts list, since users are identified by their mobile number . Users can form chat groups, make voice and video calls, and make free international calls using Wi-Fi. They can also share their location, documents, and files with others. WhatsApp also allows adding a PIN to set up two-step verification before accessing the app, and WhatsappInsider also reported on tips that WhatsApp users can add to improve its usage.

Is Signal easy to use?

Signal has fewer customizable features than WhatsApp. The app is available on iOS, Android, and Mac and PC. Users can send each other photos, videos, links and other files. As with WhatsApp, they can also remove messages and photos whenever they want. Internet users can initiate audio and video calls, and form groups of up to 150 people.

The beta version of Signal, however, has more to offer users than the standard app. It allows you to create chat rooms, designate administrators and send invitations for your group.

Original versions:  Allana Akhtar / Business Insider

Non classé

Signal ou whatsApp, quelle est la différence ?

Signal, l’application de messagerie respectant la vie privée, est en train d’émerger comme principal concurrent de WhatsApp. Les téléchargements de cette application ont augmenté de 4200% cette semaine après que WhatsApp a annoncé que ses utilisateurs devraient commencer à donner certaines données à sa société mère, Facebook.

Voici une liste des principales différences entre les deux plateformes de messagerie cryptée pour vous aider à choisir celle que vous utiliserez.

Qui est propriétaire de WhatsApp ?

En 2014, Facebook de Mark Zuckerberg a acheté WhatsApp, co-fondée par Brian Acton et Jan Koum, pour 22 milliards de dollars.

En 2014, Facebook de Mark Zuckerberg a acheté WhatsApp, co-fondée par Brian Acton et Jan Koum, pour 22 milliards de dollars.Lors du scandale de Cambridge Analytica, le réseau social avait admis que 87 millions de personnes auraient pu avoir accès aux données de ses utilisateurs.Les propres co-fondateurs de Whatsapp ont ensuite tourné le dos à l’entreprise .

Qui est propriétaire de Signal ?

Brian Acton a injecté 50 millions de dollars de son capital dans son application rivale(Signal).

Signal est géré par l’organisation à but non lucratif Signal Foundation. Brian Acton et Moxie Marlinspike, PDG de Signal, ont co-fondé cette structure en février 2018. Selon le site web de la Signal Foundation, Brian Acton a quitté Whatsapp après l’acquisition de Facebook « en raison de différences concernant l’utilisation des données clients et de la publicité ciblée ». La direction a donné 50 millions de dollars pour lancer la Signal Foundation, et siège désormais au conseil d’administration de l’organisation.

Meredith Whittaker est le troisième membre du conseil d’administration de la Signal Foundation. C’est une ancienne ingénieure de Google qui a contribué à syndicaliser l’entreprise et défend maintenant les intérêts des travailleurs du secteur technologique.

Quel est le degré de sécurité de WhatsApp ?

Facebook ne peut pas accéder aux chats en raison du cryptage de bout en bout, mais la société peut revendre les données de ses utilisateurs.Facebook a accès aux numéros de téléphone des utilisateurs de WhatsApp, aux adresses IP, au réseau mobile, à la durée d’utilisation de l’application, aux données de paiement de ses utilisateurs, aux cookies et aux données de localisation, Certains utilisateurs avaient choisi de ne pas autoriser Facebook à accéder à leurs données personnelles dès 2016.

Mais WhatsApp a déclaré que si tous les utilisateurs n’acceptaient pas de partager des informations d’ici le 8 février, ils perdraient l’accès à l’application.

Quel est le degré de sécurité de Signal ?

Signal indique qu’elle n’obtient pas les messages, groupes, contacts ou informations de profil de ses utilisateurs. Les deux seules informations que Signal collecte sont la durée d’installation de Signal et la date de sa dernière installation.L’entreprise ouvre également les sources de tous ses logiciels, ce qui signifie que les internautes peuvent voir comment le technicien a conçu l’application.

Signal a été recommandé par de nombreux experts en sécurité, dont Edward Snowden, les journalistes de Vice et The Intercept ont aussi conseillé d’utiliser Signal plutôt que WhatsApp pour garantir que vos messages restent privés.

Cependant, l’application n’est pas parfaite. Les experts en sécurité ont mis en garde contre une nouvelle fonctionnalité permettant aux utilisateurs de récupérer des données à l’aide d’un code PIN, qui pourrait porter atteinte à la vie privée. « Le problème avec cela est que la plupart des gens choisissent des codes PIN faibles.

WhatsApp est-elle facile à utiliser?

WhatsApp séduit plus de deux milliards d’utilisateurs par sa facilité d’utilisation et son intuitivité.L’application est disponible sur les appareils iOS et Android, et synchronise automatiquement votre liste de contacts téléphoniques, puisque les utilisateurs sont identifiés par leur numéro de portable. Les utilisateurs peuvent former des groupes de discussion, passer des appels vocaux et vidéo, et passer des appels internationaux gratuits en utilisant le Wi-Fi. Ils peuvent aussi partager leur emplacement, leurs documents et leurs fichiers avec d’autres personnes. WhatsApp permet également d’ajouter un code PIN pour mettre en place une vérification en deux étapes avant d’accéder à l’application.WhatsappInsider a également fait état d’astuces que les utilisateurs de WhatsApp peuvent ajouter pour améliorer son utilisation. Les utilisateurs peuvent marquer les messages comme non lus et épingler les messages importants sur le chat, des fonctionnalités qui ne sont pas disponibles sur Signal.

Signal est-elle facile à utiliser?

Signal a moins de fonctionnalités personnalisables que WhatsApp. L’application est disponible sur iOS, Android et sur Mac et PC. Les utilisateurs peuvent s’envoyer des photos, des vidéos, des liens et d’autres fichiers. Comme pour WhatsApp, ils peuvent aussi retirer des messages et des photos quand ils le souhaitent.Les internautes peuvent lancer des appels audios et vidéos, et former des groupes de 150 personnes maximum.

La version bêta de Signal, cependant, a plus à offrir aux utilisateurs que l’application standard. Elle permet de créer des salons de discussion, désigner des administrateurs et envoyer des invitations pour votre groupe.

Versions originale : Allana Akhtar/Business Insider