Recently a security researcher has come across a critical vulnerability in the Facebook-owned instant messaging app known as WhatsApp which sends infected GIFs for compromising user chat sessions, messages as well as files. This messenger let the hackers accessing your device and then allows to steal the data. The main danger arises from a double-free bug in WhatsApp.This particular double-free vulnerability specifically a memory corruption which has the ability to crashing an app or even opening up an exploit vector which the hackers can misuse for gaining access.
The particular security problem has been named as CVE-2019-11932 which we have already mentioned is a double-free bug which is present in the messaging app for the phones having the Android version below 2.19.244.
The particular double-free critical vulnerability which happens when the free parameter is known for twice the same argument s well as value in the software. This type of issue can create problems related to the leakage of memory as well as become corrupted. Not only this but it can also give the hackers the chance for overwriting elements as well as executing the arbitrary code. The researcher who discovered this WhatsApp vulnerability goes by the handle named “Awakened” who created as well as used a suspicious GIF file for triggering the issue for performing a Remote Code Execution, also known as RCE attack.
The researcher wrote, “The exploit works well until WhatsApp version 2.19.230. The vulnerability is officially patched in WhatsApp version 2.19.244” This particular bug also operates for phones which works for Android 8.1 as well as Android 9.0 operating system. Having said that, it does not work for Android 8.0 and less than this version. Now let us discuss it in a detailed manner.
What is WhatsApp double-free vulnerability?
As per the report revealed by Awakened, they said that the particular vulnerability can affect in two different ways. In a first way, a suspicious app is already being installed on a targeted Android phone and the particular app instantly create a suspicious GIF file which is to be used for stealing the data from WhatsApp by collecting the information from the library. If you talk about the second method, it will be requiring the user which needs to be exposed to the payload of the infected GIF in the Facebook-owned messaging app either through other mediums or through an attachment. Having said that, if the particular GIF is directly being sent through the Gallery Picker of the WhatsApp, the attack will not be successful. If the user opens the Gallery View in WhatsApp, the GIF file will be parsed two times which may lead to triggering a remote shell in the app and finally leads to RCE as we have mentioned above.
The researcher has finally reported Facebook about this vulnerability which has been occurring in version 2.19.244 of WhatsApp. Now to prevent yourself from this malicious attack we will highly advise you to update your WhatsApp app to the latest version available on Google Play Store or Apple Store.
Meanwhile, the developers of WhatsApp have started working on this issue for the platform. As per the reports, it has been known that the company is planning to introduce “disappearing” messages which means that the company will be introducing a textual function that is quite same as the “WhatsApp status”. Each WhatsApp status which is present in the status tab will last for only 24 hours after it is being posted. Through this, we can say that the developers have started working on this issue particularly. Let us have a look at the disappearing message.
Any message will be now eligible to be disappeared, will be instantly deleted from the chat. When the users mark the chat as disappeared, all the selected message will automatically be removed after a certain period of time. This feature is present in one of the most popular messaging platforms which are known as Telegram. In this secret chat feature, the apps will be allowing the users to send messages that disappear after a span of time. This feature will be very useful for the user who is sharing sensitive data through the app. This will also let the users maintaining their privacy and ultimately the attackers will not be able to gather the secret information.
When the researcher approached Facebook for solving this issue, they said, “It was reported and quickly addressed last month. We have no reason to believe this affected any users though of course, we are always working to provide the latest security features to our users.”
This is not the first time that WhatsApp is facing security flaw, back in May, the app was facing a serious problem when the researcher discovered security flaw which has been exploited to secretly install spyware onto the device of the users. As the app was suffering from a buffer weakness through which the attackers can run the suspicious codes which will allow them to gain access to the encrypted chats, contacts, images various other data which are stored on the smartphone of the user. To this Facebook said, “This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems. We have briefed a number of human rights organisations to share the information we can and to work with then to notify civil society.”
These malicious activities do not end here, back in August 2019 some researchers have revealed that WhatsApp messages can now be altered without the knowledge of the users. This happened because of the issue found in the app’s system. To this Facebook responded by saying, “We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private such as storing information about the origin of messages.”
After seeing all such vulnerabilities since the past few months, we can only conclude that you have to update the updated version of the WhatsApp and be cautious enough while sharing any kind of secret information.