Here’s How to Find if WhatsApp Web Code on Your Browser Has Been Hacked


Meta Platforms’ WhatsApp and Cloudflare have banded together for a new initiative called Code Verify to validate the authenticity of the messaging service’s web app on desktop computers.

Available in the form of a Chrome and Edge browser extension, the open-source add-on is designed to “automatically verif[y] the authenticity of the WhatsApp Web code being served to your browser,” Facebook said in a statement.

Automatic GitHub Backups

The goal with Code Verify is to confirm the integrity of the web application and ensure that it hasn’t been tampered with to inject malicious code. The social media company is also planning to release a Firefox plugin to achieve the same level of security across browsers.

The system works with Cloudflare acting as a third-party audit to compare the cryptographic hash of WhatsApp Web’s JavaScript code that’s shared by Meta with that of a locally computed hash of the code running on the browser client.

WhatsApp Web Code

Code Verify is also meant to be flexible in that whenever the code for WhatsApp Web is updated, the cryptographic hash value will be updated automatically in tandem, so that the code served to users is certified on the fly.

Prevent Data Breaches

WhatsApp, in a separate FAQ on the latest security feature, emphasized that “the extension won’t read or access the messages you send or receive, and we won’t know if you have downloaded the extension.” The add-on will also not log any data, metadata, or user data, and doesn’t share any information with WhatsApp, it noted.

“The idea itself — comparing hashes to detect tampering or even corrupted files — isn’t new, but automating it, deploying it at scale, and making sure it ‘just works’ for WhatsApp users is,” Cloudflare said.

Products You May Like

Articles You May Like

WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa
Twitter ends free SMS 2FA: Here’s how you can protect your account now
China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers
Understanding Managed Detection and Response – and what to look for in an MDR solution

Leave a Reply

Your email address will not be published. Required fields are marked *