WhatsApp fixes video call exploit that allowed account hijacks

WhatsApp Fixes Bug That Could Let Hackers Crash App During Calls

WhatsApp Fixes Bug That Could Let Hackers Crash App During Calls

The error, which affected both Apple and Android versions of the renowned instant messaging app, allowed hackers to control the application via video calls.

Google Project Zero whizkid and Tamagotchi whisperer Natalie Silvanovich discovered and reported the flaw, a memory heap overflow issue, directly to WhatsApp in August. On Twitter, Silvanovich said it's possible the video call bug could be exploited to trigger WhatsApp to run other malicious functions.

The vulnerability deals with how WhatsApp processes video calls over Real-time Transport Protocol or RTP.

Although the WhatsApp bug has been patched, we recommend WhatsApp users to update to the latest version of the messaging app on Android and iOS. The researcher has explained the bug as a "memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation".

According to a new report from Reuters, a security researcher had discovered and reported the flaw to WhatsApp back in August.

More news: Hurricane Michael's death count rises after Virginia reports several fatalities
More news: PC market flat in Q3, Microsoft becomes a top five USA vendor
More news: Australian law allows religious schools to reject gays: PM

Just recently, the news of hackers breaking into smartphones through WhatsApp video calls made the round on tech news all over the world - sending users of the popular messenger app in frenzy. The company fixed the same on September 28 in the Android client and on October 3 in the iPhone client. The WhatsApp Web is not affected because it relies on WebRTC for video calls.

WhatsApp has also issued a statement on the same and said they promptly fixed the issue to resolve this bug problem, adds the report. Last month, Brian Acton went on record to say that he sold users' privacy when Facebook acquired WhatsApp.

"But I am more concerned with proprietary software from a commercial entity interested in maintaining its user base and profit margins", Garaffa continued. Hackers are using the voicemail systems to hack into users' WhatsApp accounts.

A WhatsApp employee familiar with dealing of the issue said there was no evidence that hackers actually exploited the bug to launch attacks.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.