A group of Palestinian hackers defaced the website of WhatsApp, a popular messaging app, on Tuesday, according to a report by CNET.
The pro-Palestinian message appeared on the site at 2:40 am PT Tuesday morning, with a group called KDMS Team taking credit for the attack. Hacker News said the same group was responsible for the DNS hijack attack that happened over the weekend on web hosting company LeaseWeb’s website.
WhatsApp is a cross-platform instant messaging app which allows users to chat, as well as send each other images, videos and audio. It competes with other messaging apps, including LINE, WeChat, and Kik, and has over 300 million active users.
It is unclear if the hack impacted any WhatsApp user data or the actual messaging app, but the website is back to normal as of Tuesday at 10 am ET.
WhatsApp is no stranger to security issues. Recently, a computer science student at Utrecht University uncovered flaws with its encryption which would allow an attacker to look at how the XOR operation used by the RC4 encryption standard is working in both ways in order to reveal bits of the plain text, according to a report by TechWeek Europe. Another security researcher found SSL encryption weaknesses in the payment processing of the app, which could have exposed user details.
If employees have an app like WhatsApp installed on their device they use at work, a compromise to their user data could have negative implications on confidential company data elsewhere on their device. While the majority of organizations don’t have a formal policy around BYOD, some organizations ban the use of services like Dropbox or Skype on company-owned devices, opting for services like Office 365 to use Microsoft Lync for messaging.