{“lastseen”:”2026-01-27T14:05:13″,”description”:”WhatsApp is going through a rough patch. Some users would argue it has been ever since Meta acquired the once widely trusted messaging platform. User sentiment has shifted from \u201ctrusted default messenger\u201d to a grudgingly necessary Meta product.\\n\\nPrivacy-aware users still see WhatsApp as one of the more secure mass-market messaging platforms if you lock down its settings. Even then, many remain uneasy about Meta\u2019s broader ecosystem, and wish all their contacts would switch to a more secure platform.\\n\\nBack to current affairs, which will only reinforce that sentiment. \\n\\nGoogle\u2019s Project Zero has just disclosed a WhatsApp vulnerability where a malicious media file, sent into a newly created group chat, can be automatically downloaded and used as an attack vector.\\n\\nThe bug affects WhatsApp on Android and involves zero\u2011click media downloads in group chats. You can be attacked simply by being added to a group and having a malicious file sent to you.\\n\\nAccording to Project Zero, the attack is most likely to be used in targeted campaigns, since the attacker needs to know or guess at least one contact. While focused, it is relatively easy to repeat once an attacker has a likely target list.\\n\\nAnd to put a cherry on top for WhatsApp\u2019s competitors, a potentially even more serious concern for the popular messaging platform, an international group of plaintiffs sued Meta Platforms, alleging the WhatsApp owner can store, analyze, and access virtually all of users’ private communications, despite WhatsApp\u2019s end-to-end encryption claims.\\n\\n## How to secure WhatsApp\\n\\nReportedly, Meta pushed a server change on November 11, 2025, but Google says that only partially resolved the issue. So, Meta is working on a comprehensive fix.\\n\\nGoogle\u2019s advice is to disable Automatic Download or enable WhatsApp\u2019s Advanced Privacy Mode so that media is not automatically downloaded to your phone.\\n\\nAnd you\u2019ll need to keep WhatsApp updated to get the latest patches, which is true for any app and for Android itself.\\n\\n### Turn off auto-download of media\\n\\nGoal: ensure that no photos, videos, audio, or documents are pulled to the device without an explicit decision.\\n\\n * Open WhatsApp on your Android device.\\n * Tap the three\u2011dot menu in the top\u2011right corner, then tap **Settings**.\\n * Go to **Storage and data** (sometimes labeled **Data and storage usage**).\\n * Under **Media auto-download** , you will see **When using mobile data** , **when connected on Wi\u2011Fi**. and **when roaming**.\\n * For each of these three entries, tap it and uncheck all media types: **Photos** , **Audio** , **Videos** , **Documents**. Then tap **OK**.\\n * Confirm that each category now shows something like \u201cNo media\u201d under it.\\n\\n\\n\\nDoing this directly implements Project Zero\u2019s guidance to \u201cdisable Automatic Download\u201d so that malicious media can’t silently land on your storage as soon as you are dropped into a hostile group.\\n\\n### Stop WhatsApp from saving media to your Android gallery\\n\\nEven if WhatsApp still downloads some content, you can stop it from leaking into shared storage where other apps and system components see it.\\n\\n * In **Settings** , go to **Chats**.\\n * Turn off **Media visibility** (or similar option such as **Show media in gallery**). For particularly sensitive chats, open the chat, tap the contact or group name, find **Media visibility** , and set it to **No** for that thread.\\n\\n\\n\\nWhatsApp is a sandbox, and should contain the threat. Which means, keeping media inside WhatsApp makes it harder for a malicious file to be processed by other, possibly more vulnerable components.\\n\\n### Lock down who can add you to groups\\n\\nThe attack chain requires the attacker to add you and one of your contacts to a new group. Reducing who can do that lowers risk.\\n\\n * \u200bIn **Settings** , tap **Privacy**.\\n * Tap **Groups**.\\n * Change from Everyone to My contacts or ideally My contacts except\u2026 and exclude any numbers you do not fully trust.\\n * If you use WhatsApp for work, consider keeping group membership strictly to known contacts and approved admins.\\n\\n\\n\\n### Set up two-step verification on your WhatsApp account\\n\\nRead this guide for Android and iOS to learn how to do that.\\n\\n* * *\\n\\n**We don\u2019t just report on phone security\u2014we provide it**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.”,”published”:”2026-01-27T11:55:27″,”modified”:”2026-01-27T11:55:27″,”type”:”malwarebytes”,”title”:”A WhatsApp bug lets malicious media files spread through group chats”,”source”:””,”references”:””,”id”:”MALWAREBYTES:C8ECDDB8B9FFD93D1889E0DF9D42BF54″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/01\/a-whatsapp-bug-lets-malicious-media-files-spread-through-group-chats”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-27T14:05:13″,”description”:”WhatsApp is going through a rough patch. Some users would argue it has been ever since Meta acquired the once widely trusted messaging platform. User…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-37530","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n