Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare

Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare

SUMMARY

The bug was found by a security researcher

The “double-free” bug allowed users to access mobile devices, galleries and messages

Facebook has claimed to have fixed the bug in a new version WhatsApp

The vulnerabilities of Facebook-owned Whatsapp are out once again, but this time through something as simple as a GIF. A cybersecurity researcher has pointed out that hackers can gain access into the device through malicious GIFs due to a “double-free” bug.

The double-free bug is an error, which is a type of memory corruption, which can crash the app and even let hackers gain access to devices through a malicious GIF. The researcher, identified by the name Awakened, in a blogpost clarified that he reached out to Facebook, which now claims to have fixed the bug in WhatsApps version 2.19.244.

The researcher has also demonstrated the process through a demo video. He pointed out that attackers can send GIFs to users through any platform, even as documents. The device can be hacked as soon as the user downloads the link.

“Since WhatsApp shows previews of every media (including the GIF file received), it will trigger the double-free bug and our RCE [Remote code execution] exploit,” Awakened added.

In August 2019, the popular messaging app made headlines for another bug that allowed the hacker to alter messages. Israel-based security research firm Check Point Software pointed out three ways to manipulate both public and personal messages.

According to Check Point’s research, hackers could manipulate text messages using ‘quote’ feature, which allowed cybercriminals to:

  • Change the name and appearance of the sender on WhatsApp.
  •  Change a reply received from another contact, while a third method let hackers
  • Send private messages disguised as a public message to all individuals in a WhatsApp group chat. This means the reply becomes visible to everyone in the conversation, even though it was intended to be private.

Check Point claimed that it reported the vulnerabilities to WhatsApp, but only the last of the three flaws have been addressed and fixed. The security research firm is still working with WhatsApp to get the other vulnerabilities blocked. However, it’s proving challenging because of WhatsApp’s encryption.

With a good user interface and less data requirement, the app has successfully managed to gain 1.5 Bn monthly active users, including 400 Mn in India. With two bugs coming out within a span of two months, the Indian users’ privacy has raised come under the radar.

However, a report released by AudienceNet said that around 80%, out of a sample size of 1,520 urban Indians aged 18 years and above, trusted WhatsApp with their data, despite its role in mob-lynching and spreading of fake news cases in India.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare-Inc42 Media
Is Your GIF Safe? WhatsApp Feature Under Scanner After Hacking Scare-Inc42 Media
You’re in Good company