A New Vulnerability In WhatsApp Allowed Hackers To Hijack Your Phone
Saanvi Araav - Oct 05, 2019
Recently, researchers have discovered a significant vulnerability in WhatApps that could allow hackers to get access to our phones, thus steal our data.
- How To Restrict Other Users From Stalking You On WhatsApp
- WhatsApp Now Has 2 Billion Users Worldwide
- WhatsApp May Soon Add Dark Mode To Its iOS App
Recently, a group of security researchers has discovered a significant vulnerability in the WhatApps app. This vulnerability could allow hackers to get access to our phones, thus steal our data. They accomplished that by sending out malicious GIF. This issue is a double-free vulnerability. It means that particular memory corruption could open the app to the hacker or crash the app, which in turn compromises the device security.
How does it work?
From the technical details, we learned that the attacker would send a particular WhatsApp message to the user with a modified GIF. Then when the user opens the photo gallery of their WhatsApp, that bug will get out. And there are likely some certain Android versions where users face the highest risks of being affected by this bug.
According to Awakened (a developer), the exploit only works on devices with version 2.19.230 of WhatsApp or older. The platform has officially patched this vulnerability with the version 2.19.244.
He also added that the exploit functions on Android 9.0 and 8.1; however, it does not work with Android versions 8.0 and lower. The developer added:
According to WhatsApp, there were no reasons to think that this vulnerability has impacted anyone. Moreover, the company has resolved this issue with a patch.
A spokesperson of WhatsApp said that this issue has been reported and resolved last month.
Lots of problems with WhatsApp recently
WhatsApp has faced numerous security headaches before. Back in October last year, a researcher released information about another vulnerability of the app. With that vulnerability, hackers could seize an account's control by video call. Recently, there was a bug in the app that hackers exploited to spread their Pegasus malware.