Saturday, August 15, 2020
Home Lead Story WhatsApp Bug May Steal Data by Sending a Malicious GIF File

WhatsApp Bug May Steal Data by Sending a Malicious GIF File

The bug also works for Android 8.1 and Android 9.0 OS but does not work for Android 8.0 and below

A security bug has been found in Facebook-owned instant messenger WhatsApp that could let attackers to obtain access to a device and steal data by sending a malicious GIF file.

The danger stems from a double-free bug in WhatsApp, according to a researcher going by the nickname Awakened, The Next Web reported on Wednesday.

A double-free vulnerability is a memory corruption anomaly that could crash an application or open up an exploit vector that attackers can abuse to gain access to users’ device.

According to Awakened’s post on GitHub, the flaw resided in WhatsApp’s Gallery view implementation that is used to generate previews for photographs, videos and GIFs.

facebook, WhatsApp, stories, feature
Silhouettes of mobile users are seen next to logos of social media apps Signal, Whatsapp and Telegram projected on a screen in this picture illustration. VOA

All it takes to perform the attack is to craft a malicious GIF, and wait for the user to open the WhatsApp gallery, the report added.

“The exploit works well until WhatsApp version 2.19.230. The vulnerability is officially patched in WhatsApp version 2.19.244,” wrote the researcher.

Also Read: Indiscriminate and Irrational Use of Resources and Exploitation of Environment

The bug also works for Android 8.1 and Android 9.0 OS but does not work for Android 8.0 and below.

In the older Android versions, double-free could still be triggered. However, because of the malloc calls by the system after the double-free, the app just crashes before reaching to the point that we could control the PC register, according to a report in Gizmodo. (IANS)

STAY CONNECTED

18,952FansLike
362FollowersFollow
1,780FollowersFollow

Most Popular

Here’s How an Online Training Helped me Land my Dream Job

About the Author: Apurva Bhalerao is a postgraduate in Mechatronics. She joined Internshala Trainings for Internet of Things training. She shares how an online...

Internships for Students With Good People Skills

College students, especially the first and second year ones, often hesitate to apply to internships for the reason that they don’t have any job-specific...

73% Females in Rajasthan Facing Issues in Procuring Sanitary Napkins During Lockdown

Seven of every 10 adolescent females, nearly 73 per cent, in Rajasthan say they have had a problem procuring sanitary pads during lockdown in...

I Believe Dance is like Talking Without Speaking: Govinda

Actor Govinda sees dancing more like talking, sans words. "I believe that dance is more like talking without having to actually speak or use words....

Google Search to Provide you With Necessary Information About Floods in India

Google is already sending public alerts to people hit by flooding in India and users in India can now use Search to simply enter...

Yoga Improves Symptoms of Generalised Anxiety Disorder: Researchers

Researchers have suggested that yoga improves symptoms of generalised anxiety disorder, a condition with chronic nervousness and worry, suggesting the popular practice may be...

Young Women More Stressed Than Men During Lockdown: Survey

A recent survey on the impact of the Covid-19 pandemic on people between 10 and 24 years in UP, Bihar and Rajasthan has revealed...

Doctors Estimated 3 Folds Rise in Deaths of Patients During Lockdown Due to “Waitlist Mortality”

By Ashish Srivastava The nationwide lockdown imposed from March 24 has affected services across sectors, and key areas of medical care were also not left...

Recent Comments