Warning about security risks in unofficial WhatsApp applications and Windows systems.
The National Information Technology Agency, affiliated with the Ministry of Communications, has announced an increase in hacking incidents targeting users of modified WhatsApp applications, in addition to a serious security vulnerability in Windows systems, following several reports from users in Syria who had their personal data stolen.
Warning of a Security Vulnerability in Windows Systems
In a related context, Microsoft has announced the discovery of a new security vulnerability identified as (CVE-2025-29809) affecting Windows 10, 11, and Windows Server, specifically targeting the Credential Guard feature. The company warned that exploiting this vulnerability could allow hackers to access login credentials such as usernames and passwords, posing a threat to internal network security.
Modified WhatsApp Applications Pose Privacy Risks
Engineer Jihad Alala, Director of the Information Security Center at the agency, emphasized that using unofficial versions of WhatsApp like GB WhatsApp and WhatsApp Plus exposes users to hacking risks, with cases of spying on conversations and theft of sensitive data being observed. He noted the difficulty in determining the exact number of cases due to privacy considerations and the lack of complete statistics.
Alala warned that these applications lack basic protection mechanisms, making them vulnerable to exploitation by hackers who may obtain personal and financial information, as well as potentially containing malware that threatens device security.
Security Tips for Data Protection
The Director of the Information Security Center advised WhatsApp users to download the application only from official stores like Google Play and App Store, emphasizing the importance of enabling two-step verification and not sharing verification codes with anyone. He also recommended avoiding clicking on suspicious links and using public Wi-Fi networks to access sensitive applications.
As for Windows users, Alala recommended immediate system updates to avoid security vulnerabilities exploitation, with caution against opening unknown files or links. He also stressed the importance of contacting technical support teams if any abnormal activity is noticed on devices.
He confirmed that the recurrence of these incidents indicates a real threat, urging all users to follow security guidelines to ensure the protection of their data from hacking.
