![]() ![]() This is where an attack deliberately puts too much code into a small buffer so that it "overflows" and writes code into a location it shouldn't be able to access. This worked through a method known as buffer overflow. And the target may not even be aware that malware has been installed on their device. Even if the target didn't answer the call, the attack could still be effective. This scary attack allowed hackers to access a device simply by placing a WhatsApp voice call to their target. To keep yourself safe from this problem, you should update WhatsApp to version 2.19.244 or above.Īnother WhatsApp vulnerability discovered in early 2019 was the Pegasus voice call hack. Fortunately, Awakened disclosed the vulnerability responsibly and Facebook, which owns WhatsApp, patched the issue. The vulnerability affected versions of WhatsApp up to 2.19.230 on Android 8.1 and 9. They could also see users' files, photos, and videos sent through WhatsApp. ![]() The hackers would be able to see who the user had been messaging and what they had been saying. If a hacker were to send a malicious GIF to a user, they could compromise the user's entire chat history. This means that code can be hidden within the image. GIF files are special because they have multiple encoded frames. When this happens, the app parses the GIF to show a preview of the file. The hack works by taking advantage of the way that WhatsApp processes images when the user opens the Gallery view to send a media file. As WhatsApp now blocks users that are not running a recent version of the app, it is safe to assume that all WhatsApp users are now protected from this flaw, without any action needed from their end.In October 2019, security researcher Awakened revealed a vulnerability in WhatsApp that let hackers take control of the app using a GIF image. WhatsApp later acknowledged the issue and issued a fix which was available in WhatsApp version 2.21.1.13 which was made available in January this year. The security flaw was disclosed to Whatsapp on November 10, 2020, according to the security firm. “A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image,” WhatsApp stated in its February security advisory for CVE-2020-1910. While this is a theoretical vulnerability and WhatsApp did not see any evidence of this vulnerability being misused, the company fixed the flaw so users should be safe from further misuse of the bug. Researchers Dikla Barda & Gal Elbaz from the security firm discovered that if the user applied a WhatsApp filter to the image, the hacker could gain access to WhatsApp memory which can contain important data. The security flaw involved the use of WhatsApp image filters that could be misused by an attacker by sending a maliciously crafted image that would impact the users' devices, allowing the cyber criminal to gain access to personal accounts and read information from WhatsApp's memory.Īlso read: Looking for a smartphone? Check Mobile Finder here. ![]() According to Check Point Research, the security firm that discovered the WhatsApp flaw, the Facebook-owned messaging app has fixed an “out of bounds, read-write vulnerability” that could have allowed a hacker to read sensitive information from WhatsApp memory. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |