Media File Jacking is a variant of the man in the disk flaw revealed by Check Point at DEFCON last year. It arises from the fact that Android s OS makes use of two types of storage internal storage and external storage. In both WhatsApp and Telegram, the services lack proper security mechanisms to prevent other apps with write-to-external storage permissions to access the files. The attack vector can be used in a number of attack scenarios, such as on-the-fly image manipulation and audio message spoofing.
Source: https://threatpost.com/whatsapp-telegram-coding-blunders-media-files/146489/