">
TechMoran
  • About Us
  • Deals
  • Jobs
  • Motoring
    • Money
  • Pitch Your Startup
  • Submit Your Post
  • Freelance Gigs
  • Travel
  • Men’s Corner
  • Dating
Wednesday, January 20, 2021
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition
No Result
View All Result
TechMoran
">
Home Mobile

Your WhatsApp chats can be hacked by a malicious GIF if not updated now

Feritter Owich by Feritter Owich
1 year ago
in Mobile
8 min read
0

WhatsApp users are being urged to update the app to avoid a dangerous cyber attack from a security vulnerability.

WhatsApp recently fixed a security vulnerability in its Android-based applications after a security researcher reported the issue almost three months back.

The researcher who goes by a name Awakened reported that the vulnerability could have allowed hackers to compromise Android devices remotely, allowing them to steal files and chat messages. Named CVE-2019-11932, the vulnerability is a double-free memory corruption bug that exists in the open-source GIF image library that WhatsApp uses to generate previews for videos, images, and GIFs.

For those unfamiliar with the term, a double-free vulnerability refers to a memory corruption anomaly that could crash an app, or in a worse case, open up an exploit vector that attackers can abuse to obtain access to your device. All it takes to perform the attack is to craft a malicious GIF and wait for the user to open the WhatsApp gallery.

Awakened stated that the flaw allows the attackers to execute arbitrary code on targeted devices. To exploit this flaw, an attacker needs to send a specially created malicious GIF that is specifically targeted to Android users. The malware triggers when the user opens the image in WhatsApp.

“The exploit works well for Android 8.1 and 9.0, but does not work for Android 8.0 and below. In the older Android versions, double-free could still be triggered. However, the app just crashes before reaching to the point that we could control the PC register.”

Awakened.

“WhatsApp users, please do update to latest WhatsApp version to stay safe from this bug,” Awakened warned in a blog post about the flaw.

READ  What Factors Should Be Considered While Picking An Online Brokerage Account

“Facebook acknowledged and patched it officially in WhatsApp version 2.19.244. WhatsApp users, please do update to the latest WhatsApp version (2.19.244 or above) to get rid of this bug,” the researcher added.

Today, the short looping clips, GIFs are everywhere—on your social media, on your message boards, on your chats, helping users perfectly express their emotions, making people laugh, and reliving a highlight.

Related posts

A salesman checks a customer's iPhone at a mobile phone store in New Delhi, India, July 27, 2016. REUTERS/Adnan Abidi

How To Measure How Much You Walk On Your iPhone

January 17, 2021
0

realme to release more phones in 2021 to grow its smartphone market share

January 16, 2021
0

Samsung Galaxy S21 Ultra 5G: The best Galaxy performance in a smartphone yet

January 15, 2021
0
Ultra

Samsung unveils the Galaxy S21 Ultra, Galaxy S21 + & the Galaxy S21. 

January 15, 2021
0

Therefore, to protect yourself against any exploit surrounding this security vulnerability, you are recommended to update your WhatsApp to the latest version from the Google Play Store as soon as possible.

WhatsApp for iOS is not affected by this vulnerability. But apart from this, since the flaw resides in an open-source library, it is also possible that any other Android app using the same affected library could also be vulnerable to similar attacks.

However, this is not the first time that the Facebook-owned app is dealing with such vulnerabilities in its software. Recently, Symantec’s Modern OS Security team discovered a flaw affecting WhatsApp accounts for Android devices. The flaw allows malicious attackers to manipulate and expose media files in WhatsApp.

The security flaw, dubbed Media File Jacking was reported by Symantec to affect WhatsApp for Android by default if certain features were enabled. If exploited, the flaw allows the attackers to misuse and manipulate sensitive information like personal photos and videos, corporate documents, invoices, and voice memos.

Readers 3,066

Share

  • Click to share on Telegram (Opens in new window)
  • More
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pocket (Opens in new window)

Like this:

Like Loading...

Related

Tags: CybersecurityWhatsAppWhatsApp messenger
Feritter Owich

Feritter Owich

I am the mobile editor here. I cover apps, smartphones and anything else related to consumer electronics. Reach me at [email protected]

Related Posts

A salesman checks a customer's iPhone at a mobile phone store in New Delhi, India, July 27, 2016. REUTERS/Adnan Abidi
Mobile

How To Measure How Much You Walk On Your iPhone

January 17, 2021
0
Mobile

realme to release more phones in 2021 to grow its smartphone market share

January 16, 2021
0
5G

Samsung Galaxy S21 Ultra 5G: The best Galaxy performance in a smartphone yet

January 15, 2021
0
Ultra
5G

Samsung unveils the Galaxy S21 Ultra, Galaxy S21 + & the Galaxy S21. 

January 15, 2021
0
Mobile

vivo smartphone unveils Vivo V20 in Kenya at Ksh45,000

January 5, 2021
0
4G

realme takes stock of its performance in the Kenyan market as it hits 50 Million shipments globally

December 30, 2020
0
Mobile

Looking For An iPhone 12? Here Are The Prices In Kenya

December 22, 2020
0
Android

vivo V20 launching in Kenya; With a 44MP Eye Autofocus Selfie for 4K Selfie Videos 

December 14, 2020
0

https://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoB
ADVERTISEMENT

Join our Mailing List

Loading

Recent Posts

Nigeria’s uLesson raises $7.5m series A for expansion into Eastern & Southern Africa

January 19, 2021

Huawei’s connected ecosystem sets the building blocks for the upcoming connected future

January 19, 2021

Tatu City Partners with Konza to Attract Investors to Kenya

January 19, 2021
searchengineland.com

SEO for Beginners: Where to Start and What You Need

January 19, 2021

Why Dota 2 Viewership Is Going Up

January 19, 2021
">
">

Follow Us

">

There are many sites out there focused on blowing off some steam, from funny entertainment to thrilling experiences like playing online, in some cases online gaming could grant you the chance to win extra money. We came across rocketpot.io while browsing for a good btc casino online and it left us a very good impression with their wide variety of games and crypto offering.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

© 2019 Moran Media Group - All rights reserved TechMoran.

No Result
View All Result
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition

© 2019 Moran Media Group - All rights reserved TechMoran.

Login to your account below

Forgotten Password? Sign Up

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
%d bloggers like this: