New WhatsApp Bug may Hijacks Your Phone Gallery

GIFs are one of the most fun and quirky ways to instantly make any conversation ten times more funny and relatable than it is. One such platform where people make extensive use of GIFs is the instant messaging platform, WhatsApp.

However, a new vulnerability has been discovered by a security researcher on WhatsApp Android that allows hackers to get unauthorized access to a user’s media by sending malicious GIFs, as reported by The Next Web.

This new WhatsApp vulnerability has been discovered by a security researcher named, Awakened, who says the danger arises from a double-free bug on WhatsApp that he describes in detail on GitHub. He has advised people to upgrade to the latest WhatsApp version 2.19.244 to avoid getting this bug on their smartphones.

In case you aren’t aware of what a double-free bug means, it’s a “memory corruption” error that can crash apps or allow the perpetrator to exploit the security of the affected device. Once the hacker is done creating a malicious GIF, they just wait for the user to open their WhatsApp Gallery.

The attacker can send GIF files to use as a document via WhatsApp or in case the attacker is in the contact list of the user (i.e. a friend) then this corrupted GIF gets downloaded automatically without any user interaction. Now once the GIF is done downloading, it’s just a matter of time before the user decides to send a media file to his/her contacts. Once the user opens the WhatsApp Gallery, the bug gets triggered without them send anything. In fact, no additional touch after pressing WhatsApp Gallery is necessary.
                                              Regal Assets Banner
 Researcher further states that the attack can be performed in two ways where the first one includes installing a malicious app on the Android device since the app collects addresses of zygote libraries and generates a malicious GIF file resulting in code execution. The second way is via pairing with an application consisting of a remote memory information disclosure vulnerability. Hackers can then collect the addresses of zygote libraries and craft a malicious GIF file to send it to the WhatsApp user.

He also notified Facebook of the vulnerability after which the company fixed it. “I informed this to Facebook. Facebook acknowledged and patched it officially in WhatsApp version 2.19.244. Facebook helped to reserve CVE-2019-11932 for this issue,” he added.

No comments