A malicious GIF image sent through WhatsApp could hack your Android phone. Read on to know more…
Recently, Facebook-owned messaging app WhatsApp fixed a security vulnerability after a security researcher reported the issue nearly three months ago. The researcher discovered a vulnerability in WhatsApp that could allow hackers to gain access to an Android-based mobile device and steal data by sending a malicious GIF file.
The Next Web reported that the security flaw is a double-free vulnerability, i.e. a memory corruption issue that can crash apps or create an opening for a hacker to compromise the security of the affected device. According to the technical write-up, if an attacker sends a WhatsApp user such a modified GIF, the bug is triggered the next time that user opens their WhatsApp photo gallery. Users running certain versions of the Android mobile OS appear to be the most likely to be affected by the bug.
According to a researcher who goes by the name Awakened, the vulnerability could have allowed hackers to compromise Android devices remotely, allowing them to steal files and chat messages. The vulnerability, assigned CVE-2019-11932, is a double-free memory corruption bug in the open-source GIF image library that WhatsApp uses to generate previews for videos, images, and GIFs.
A double-free vulnerability is a memory corruption anomaly that could crash an application or open up an exploit vector that attackers can abuse to gain access to users’ devices. According to Awakened’s post on GitHub, the flaw resided in WhatsApp’s Gallery view implementation, which is used to generate previews for photographs, videos and GIFs. All it takes to perform the attack is to craft a malicious GIF and wait for the user to open the WhatsApp gallery, the report added.
The researcher urged WhatsApp users to update their apps to prevent potential threats. “Facebook acknowledged and patched it officially in WhatsApp version 2.19.244. WhatsApp users, please do update to the latest WhatsApp version (2.19.244 or above) to get rid of this bug,” the researcher added.
“The exploit works well for Android 8.1 and 9.0, but does not work for Android 8.0 and below,” Awakened added. “In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching the point that we could control the PC register.”
Because the flaw resides in an open-source library, any other Android app that uses the same affected library could also be vulnerable to similar attacks.
WhatsApp told The Next Web it had no reason to suspect any users were impacted and that it had resolved the issue in a patch. “It was reported and quickly addressed last month,” a WhatsApp spokesperson told the site. “We have no reason to believe this affected any users though of course we are always working to provide the latest security features to our users.”
To protect yourself against any exploit of this vulnerability, you are advised to update WhatsApp to the latest version from the Google Play Store as soon as possible.
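For administrators who want to verify the fix across managed Android devices rather than trust a prompt, the following added example (not code from the article or from WhatsApp) checks the installed WhatsApp versionName against the patched 2.19.244 threshold the article cites. It parses the output of `adb shell dumpsys package com.whatsapp` and compares versions numerically, since a plain string comparison would wrongly rank 2.19.9 above 2.19.244; the dumpsys text below is a constructed, shortened sample.

```python
import re

# Patched release named in the article: WhatsApp 2.19.244 fixes CVE-2019-11932.
PATCHED_VERSION = (2, 19, 244)
PACKAGE = "com.whatsapp"


def parse_version(version_name):
    """Turn a dotted versionName such as '2.19.244' into a tuple of ints.

    Any non-numeric suffix (e.g. '2.19.244-beta') is dropped so that the
    comparison is numeric, field by field, rather than lexical.
    """
    m = re.match(r"^(\d+(?:\.\d+)*)", version_name.strip())
    if not m:
        raise ValueError(f"unrecognised versionName: {version_name!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_from_dumpsys(dumpsys_output):
    """Extract the versionName line from `dumpsys package com.whatsapp` output."""
    m = re.search(r"^\s*versionName=(\S+)", dumpsys_output, re.MULTILINE)
    return m.group(1) if m else None


def is_patched(version_name):
    """True when the installed version is 2.19.244 or newer."""
    return parse_version(version_name) >= PATCHED_VERSION


# Constructed sample, trimmed to the fields that matter; not a real capture.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.whatsapp] (a1b2c3d):
    userId=10123
    versionCode=451987 minSdk=16 targetSdk=28
    versionName=2.19.230
"""

if __name__ == "__main__":
    installed = version_from_dumpsys(SAMPLE_DUMPSYS)
    print(f"{PACKAGE} versionName={installed} patched={is_patched(installed)}")
```

Run against a live device with `adb shell dumpsys package com.whatsapp` piped into `version_from_dumpsys`; any device reporting `patched=False` still needs the Play Store update.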