The Media File Jacking threat is especially concerning in light of the common perception that the new generation of IM apps is immune to content manipulation and privacy risks, thanks to security mechanisms such as end-to-end encryption. Users generally trust IM apps such as WhatsApp and Telegram to protect the integrity of both the identity of the sender and the message content itself. This is in contrast to older apps/protocols such as SMS, which are known to be spoofed pretty easily. However, as we’ve mentioned in the past, no code is immune to security vulnerabilities. While end-to-end encryption is an effective mechanism to ensure the integrity of communications, it isn’t enough if app-level vulnerabilities exist in the code. What we found in the Media File Jacking research demonstrates that attackers may be able to successfully manipulate media files by taking advantage of logical flaws in the apps that occur before and/or after the content is encrypted in transit.

We explore Media File Jacking, how it can be exploited, and its potential impact in more detail below.