| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the vulnerability in WhatsApp and Telegram allowing hackers to manipulate media files has happened again within the same organization. Symantec researchers disclosed a new vulnerability that could allow potential hackers to alter images and audio files sent through these messaging apps [87208]. This incident is a continuation of previous security flaws reported in WhatsApp, such as the flaw that allowed hackers to install spyware on devices with a simple phone call [87208].
(b) Additionally, the incident involving the vulnerability in WhatsApp and Telegram has also occurred in other organizations or with their products and services. Symantec researchers discovered a similar vulnerability in both WhatsApp and Telegram on Android, named "Media File Jacking," which allows hackers to manipulate multimedia files without users' knowledge [87185]. This indicates a broader issue with how media files are handled in messaging apps on the Android platform, potentially affecting other similar applications as well. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the development phase of design was due to a vulnerability in WhatsApp and Telegram that allowed potential hackers to alter images and audio files sent through the apps. This vulnerability stemmed from how media files are stored on the platforms, where files stored on external storage could be accessed and manipulated by other apps, leading to the manipulation of images and audio files [87208, 87185].
(b) The software failure incident related to the development phase of operation was due to a vulnerability named "Media File Jacking" that occurred in the time between multimedia files being received through WhatsApp and Telegram and when they were loaded into the chat interface. This vulnerability allowed hackers to use malware to alter multimedia files without the users' knowledge, exploiting the way Android apps store files in internal and external storage [87185]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident reported in the articles is primarily within the system. The vulnerability in WhatsApp and Telegram that allowed hackers to alter images and audio files was due to how media files are stored on these platforms. Symantec researchers disclosed that the flaw stemmed from the way files are stored on external storage within the apps, allowing other apps to access and manipulate them [87208, 87185]. This vulnerability, named "Media File Jacking," occurred during the time between when multimedia files were received through the apps and when they were loaded into the chat interface, providing an opportunity for malicious actors to intervene and manipulate the files without the user's knowledge [87185].
(b) outside_system: The software failure incident also involved contributing factors that originated from outside the system. Hackers could exploit the vulnerability using malware to alter the multimedia files sent through WhatsApp and Telegram without the users' knowledge [87208, 87185]. This external factor of malicious intervention highlights how threats from outside the system can impact the security and integrity of the software platforms. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
The vulnerability in WhatsApp and Telegram, known as "Media File Jacking," allowed hackers to utilize malware to alter multimedia files sent through the services without the users' knowledge. This vulnerability occurred in the time between when the multimedia files received through the apps were written to the smartphone's external memory and when they were loaded into the chat interface of the application. This critical time gap provided an opportunity for malicious actors to intervene and manipulate the multimedia files without the user's awareness [Article 87185].
(b) The software failure incident occurring due to human actions:
The security flaw in WhatsApp and Telegram, which allowed potential hackers to alter images and audio files, stemmed from how media files are stored on these platforms. Symantec researchers pointed out that when files are stored on external storage, other apps can access and manipulate them. For instance, on WhatsApp, files are stored externally by default, while on Telegram, the vulnerability is present if "Save to Gallery" is enabled. This storage mechanism introduced a vulnerability that could be exploited by malicious actors to manipulate the media files being sent through these messaging apps [Article 87208]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The vulnerability in WhatsApp and Telegram that allowed hackers to alter images and audio files was due to how media files are stored on external storage on Android devices [87208, 87185].
- The vulnerability, known as "Media File Jacking," occurred in the time between when multimedia files received through the apps are written to the external memory of the smartphone and when they are loaded into the chat interface, presenting an opportunity for malicious actors to intervene and manipulate the files without the user's knowledge [87185].
(b) The software failure incident occurring due to software:
- The software failure incident in WhatsApp and Telegram was primarily due to how the apps stored media files on external storage, allowing other apps to access and manipulate them [87208].
- The vulnerability stemmed from a flaw in how media files were handled within the apps, rather than a hardware issue [87208]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident related to the vulnerability in WhatsApp and Telegram allowing hackers to alter images and audio files can be categorized as malicious. Researchers from Symantec disclosed how hackers could exploit a vulnerability named "Media File Jacking" to manipulate multimedia files sent through the messaging apps without the users' knowledge [87208, 87185]. This vulnerability created an opportunity for malicious actors to intervene and manipulate files during the critical time between when the multimedia files are received and when they are loaded into the chat interface of the application [87185].
The incident involved the use of malware to alter files, indicating a deliberate attempt to compromise the security and integrity of the messaging platforms. The potential consequences of this vulnerability included scenarios where hackers could replace images or audio files with malicious content, leading to fraud or misinformation [87208]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident was due to poor_decisions. Researchers from Symantec disclosed flaws in WhatsApp and Telegram that could allow potential hackers to alter images and audio files sent through the apps. The vulnerability stemmed from how media files are stored on the platforms, with files being stored externally by default on WhatsApp and when "Save to Gallery" is enabled on Telegram. This allowed other apps to access and manipulate the files, creating a security risk [87208, 87185]. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident occurring due to development incompetence:
- The vulnerability in WhatsApp and Telegram that allowed hackers to alter images and audio files was disclosed by researchers from Symantec [87208].
- The security flaw stemmed from how media files are stored on WhatsApp and Telegram, where files stored on external storage could be accessed and manipulated by other apps, indicating a lack of secure storage practices [87208].
- Symantec's researchers tested malware they created to manipulate image and audio files sent through WhatsApp and Telegram, demonstrating the potential impact of development incompetence in ensuring secure file handling [87208].
(b) The software failure incident occurring accidentally:
- The vulnerability, named "Media File Jacking," was discovered by researchers from Symantec, highlighting an accidental flaw in the design or implementation of WhatsApp and Telegram on Android [87185].
- The vulnerability occurred due to the time lapse between when multimedia files received through the apps are written to the smartphone's external memory and when they are loaded into the chat interface, providing an opportunity for malicious actors to intervene accidentally [87185].
- WhatsApp and Telegram store files in external storage by default or when specific functions are enabled, making them vulnerable to accidental manipulation by malicious apps with access to external storage [87185]. |
| Duration |
temporary |
From the provided articles, the software failure incident related to the vulnerability in WhatsApp and Telegram allowing hackers to manipulate files sent through the apps can be categorized as a temporary failure. This is because the vulnerability stemmed from how media files are stored on the apps, specifically on external storage, which allowed other apps to access and manipulate them. The vulnerability was not a permanent issue but rather a temporary one that could be mitigated by changing settings for media storage on the apps [87208, 87185]. |
| Behaviour |
omission, value, other |
(a) crash: The software failure incident related to WhatsApp and Telegram vulnerability does not involve a crash where the system loses state and does not perform any of its intended functions. Instead, the vulnerability allows potential hackers to alter images and audio files sent through the messaging apps [87208, 87185].
(b) omission: The vulnerability in WhatsApp and Telegram allows hackers to manipulate multimedia files sent through the apps without the users' knowledge. This can lead to the omission of the intended content in the files received by the recipients [87208, 87185].
(c) timing: The vulnerability in WhatsApp and Telegram does not involve a timing issue where the system performs its intended functions too late or too early. Instead, the vulnerability occurs during the time when multimedia files are written to the external memory of the smartphone and loaded into the chat interface of the app [87185].
(d) value: The software failure incident related to WhatsApp and Telegram vulnerability falls under the category of performing the intended functions incorrectly. Hackers can exploit the vulnerability to alter images and audio files, potentially leading to misinformation or fraud [87208, 87185].
(e) byzantine: The software failure incident related to WhatsApp and Telegram vulnerability does not exhibit a byzantine behavior where the system behaves erroneously with inconsistent responses and interactions. The vulnerability allows for unauthorized manipulation of multimedia files sent through the apps [87208, 87185].
(f) other: The other behavior exhibited in this software failure incident is unauthorized manipulation of multimedia files sent through WhatsApp and Telegram by potential hackers using malware. This manipulation can lead to misinformation, fraud, or other malicious activities without the knowledge of the users [87208, 87185]. |