4 ways your whatsapp can be compromised

Here are some ways that WhatsApp can be hacked.

1. Remote Code Execution via GIF

In October 2019, security researcher Awakened revealed a vulnerability in WhatsApp that let hackers take control of the app using a GIF image. The hack works by taking advantage of the way that WhatsApp processes images when the user opens the Gallery view to send a media file.

When this happens, the app parses the GIF in order to show a preview of the file. GIF files are special because they have multiple encoded frames. This means that code can be hidden within the image.

If a hacker were to send a malicious GIF to a user, they could compromise the user’s entire chat history. The hackers would be able to see who the user had been messaging and what they had been saying. They could also see users’ files, photos, and videos sent through WhatsApp.

The vulnerability affected versions of WhatsApp up to 2.19.230 on Android 8.1 and 9. Fortunately, Awakened disclosed the vulnerability responsibly and Facebook, which owns WhatsApp, has been able to patch the issue. To keep yourself safe from this problem, you should update WhatsApp to version 2.19.244 or above.

2. The Pegasus Voice Call Attack
Another WhatsApp vulnerability discovered in early 2019 was the Pegasus voice call hack. This scary attack allowed hackers to access a device simply by placing a WhatsApp voice call to their target. Even if the target didn’t answer the call, the attack could still be effective. And the target may not even be aware that malware has been installed on their device.

This worked through a method known as buffer overflow. This is where an attack deliberately puts too much code into a small buffer so that it “overflows” and writes code into a location it shouldn’t be able to access. When the hacker can run code in a location that should be secure, they can take malicious actions.

In the case of this attack, it installed an older and well-known piece of spyware called Pegasus. This allowed hackers to collect data on phone calls, messages, photos, and video. It even let them activate devices’ cameras and microphones to take recordings.

This vulnerability applied to Android, iOS, Windows 10 Mobile, and Tizen devices. It was used by the Israeli firm NSO Group which has been accused of spying on Amnesty International staff and other human rights activists. After news of the hack broke, WhatsApp was updated to protect it from this attack.

If you are running WhatsApp version 2.19.134 or earlier on Android or version 2.19.51 or earlier on iOS, then you need to update your app immediately.

3. Socially Engineered Attacks

Another way that WhatsApp is vulnerable is through socially engineered attacks.These exploit human psychology to steal information or spread misinformation. This allowed people to misuse the quote feature in group chat and to alter the text of another person’s reply. Essentially, it allows hackers to plant fake statements that appear to be from other legitimate users.

4. Media File Jacking
A vulnerability which affects both WhatsApp and Telegram is media file jacking. This attack takes advantage of the way that apps receive media files like photos or videos and write those files to a device’s external storage. more  

View all 12 comments Below 12 comments
very useful warning more  
real world is certainly better then more  
an useful write up by Ms Reeta Kumar more  
Having known all this, people are enthused and encouraged to use Whatsapp. This is like digging one's own grave. more  
How to spot and neutralize is the question more  
Post a Comment

Related Posts

    • Coronavirus with no exposure and travel to Covid-19 people and areas

      A person in California—NOT exposed to anyone with coronavirus & NO travel to COVID19 areas—tested positive in the 1st case of community spread the US. The case was detect...

      By Vinita Agrawal
      /
    • Will IPF act against Delhi Police

      Why is the Indian Police Foundation mot meeting the Home Minister to raise concerns around actions of Delhi Police in the last 2 days. Are you for civil society IPF or for police. You ke...

      By Sarita Ravichandran
      /
    • Coronavirus ramping up in other countries

      I was just going through this report from the circles and one question thats most important is screening and tracking of passengers coming from asian countries

      By Anu Kaur
      /
    • End Culture of Accompanying Babus and Netas

      Any magistrate or police officer or politician that moves around there is a bunch of police officers that move along with him. Why does this have to be the case? Why are we paying as ta...

      By Vinita Agrawal
      /
    • Coronavirus or Influenza - where to sit on a plane

      If in a flight and worried about Catching coronavirus or influenza or swine flu sit in a Window seat friends. The attached helps pinpoint the safest places to sit. The passengers who wer...

      By Sarita Ravichandran
      /
    • Good news on Coronavirus

      645 people who were quarantined at various sites in India have all been tested negative for coronavirus. Attached the dos donts from the circle.

      By Sarita Ravichandran
      /
    • TRAFFIC RULES 50/60 YEARS BACK & HOW IT FUNCTIONED AS THE STEPPING STONE FOR VEHICLE USERS :

      When I first started in the 50's * riding a cycle we had to observe traffic rules : No doubles, no oneway violations , night time ride with light, battery operated or oil lamps in fro...

      By Jayakumar Daniel
      /
    • Circle on Coronavirus Swine Flu Influenza

      Request localcircles to start a circle on coronavirus swine flu, influenza and make people aware about these Ideally our govt should have thought about such awareness programs but they arent so we ...

      By Minakshi Mehta
      /
    • Safe Internet Tips for Child Usage

      Educate yourself about social media: Start by finding out what kind of apps and sites your child is interested in. Read app reviews, age limits, and fine print. Get a head-start: If you ...

      By Reeta Kumar
      /
    • All about Coronavirus

      What is a Coronavirus? It is a novel virus named for the crown-like spikes that protrude from its surface. The coronavirus can infect both animals and people, and can cause a range of respirat...

      By Radha Puri
      /
    • Medical records Information Compromised

      More than 10 lakh Indian patients have had their entire medical records leaked on the DarkNet. Their CT scans, MRIs, photos, videos... Everything that the doctors had in their system. Da...

      By Sarita Ravichandran
      /
Share
Enter your email & mobile number and we will send you the instructions

Note - The email can sometime gets delivered to the spam folder, so the instruction will be send to your mobile as well

Please select a Circle that you want people to invite to.
Invite to
(Maximum 500 email ids allowed.)