Android TipsNews

WhatsApp Can Be Hijack Via Malicious GIFs

whatsapp hijack android captainHeads up WhatsApp users! If you haven’t updated your WhatsApp yet, you must do it now as a serious security flaw exposes your chats to attackers. A security researcher has discovered an RCE vulnerability in WhatsApp that allows hijacking chat sessions simply by sending malicious GIFs.

WhatsApp RCE Vulnerability Discovered

According to the report shared by a researcher with the alias ‘Awakened’, a serious bug threatens the privacy of WhatsApp users. As discovered, a double-free RCE vulnerability exists in WhatsApp Messenger exploiting which allows for hijacking chat sessions. To exploit the flaw, an attacker would simply need to send a malicious GIF to the victim. An adversary could trigger the flaw in two ways. First, via local privilege escalation through a malicious app installed on the target device. According to the researcher,

The app collects addresses of zygote libraries and generates a malicious GIF file that results in code execution in WhatsApp context.

This would allow stealing files in WhatsApp sandbox. Second, via remote code execution by sending a malicious GIF. As explained by the researcher,

Pairing with an application that has a remote memory information disclosure vulnerability (e.g. browser), the attacker can collect the addresses of zygote libraries and craft a malicious GIF file to send it to the user via WhatsApp (must be as an attachment, not as an image through Gallery Picker).

When the recipient opens the Gallery view in WhatsApp, the GIF would trigger the remote shell on the target device.

Update WhatsApp Now!

The vulnerability CVE-2019-11932 discovered by Awakened allegedly affected WhatsApp versions until 2.19.230. It primarily posed a threat to Android 8.1 and 9.0. this is because for Android versions before 8.1, triggering the exploit crashes the app before the hack.

In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching to the point that we could control the PC register.

After discovering the bug, the researcher reported the matter to Facebook for further action. Following his report, Facebook patched the flaw with WhatsApp version 2.19.244.

Tags

Harish

A technology enthusiast who loves innovation. Fascinated for technology. Founder of AndroidCaptain.com and a Computer Engineer, passionate for android world of devices/apps and their innovation in the pricing and quality. I like to listen songs, take photos and venture myself in natural places.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA Image

*

Back to top button
css.php
Close
Close

Ad-blocker Detected!

Please Help Us Grow, Kindly Disable Ad-Block and Read Amazing News, Tips and Many More.