A bug in the popular messaging service WhatsApp put up to 200 million of its users at risk, a security firm has warned.
Although the messaging site quickly fixed the flaw, Centre Point has warned users to be vigilant about security risks.
Discovered last month, the flaw allowed hackers to distribute malware, including ransomware, which demands victims pay a fee to regain access to their files.
Only users of the WhatsApp web app, a mirror version of its mobile app, were affected.
There are currently over 200 million active users of the web app, according to statistics released by the firm this year. This compares to 900 million users of the smartphone app.
According to Check Point, the vulnerability was caused by the way the service handles contacts sent in the vCard (virtual card) format.
All a hacker needed to do to send a virtual contact card that looked genuine was to know their victim’s mobile number.
Once opened the vCard could distribute malicious code.
One expert said it was relatively easy to get hold of phone numbers.
“Bearing in mind that WhatsApp is a cross-platform mobile messaging app, the chances of you opening a vCard sent to you is quite high,” Mark James, a specialist at security firm ESET told the BBC.
“Once opened it could attempt to download and infect your system with ransomware.”
The organisation is now urging WhatsApp users to update their software.
Oded Vanunu, Security Research Group Manager at Check Point said: ” We applaud WhatsApp for such proper responses, and wish more vendors would handle security issues in this professional manner. Software vendors and service providers should be secured and act in accordance with security best practices.”