WhatsApp Security Flaw Opens Up Smartphones To Hackers

The very popular instant-messaging platform, WhatsApp, has fixed a very important security bug.

WhatsApp Fixing Security Bug:

According to the reports and sources that are circulating on the internet and social media, it tells that the famous instant-messaging platform WhatsApp has published some details about a critical bug that was related to a security vulnerability that affected the Android app. It could have allowed the attackers to plant viruses and malware on victims’ smartphones when they were in between a video call.

The details of the flaw started to circulate, and it was tracked as CVE-2022-36934, which came with an assigned severity rating of 9.8 out of 10. It is described by WhatsApp as an integer overflow bug. This occurs when there’s an app is trying to perform a computational process but has less space in its allotted memory. This causes the data to spill out and overwrite the other parts of the system’s memory with potentially malicious code.

WhatsApp hasn’t rolled out any information related to the bug at the moment. As of now, the security firm Malwarebytes said in their own technical analysis that the bug is found in the app’s component that is known as ‘Video Call Handler.’

If it gets triggered, it allows the attacker to take complete control of the victim’s application.

WhatsApp’s spokesperson Joshua Breckman told a media outlet that these bugs were discovered in-house, and the company hasn’t found any type of ‘evidence of exploitation.’

This type of bug same happened back in 2019. The instant-messaging platform, WhatsApp, blamed some spyware maker NSO group in 2019, which targeted around 1400 victims’ phones, and it included journalists, human rights defenders, and other people. The attack leveraged a virus in WhatsApp’s audio calling feature, which allowed the caller to plant spyware on victims’ devices.

WhatsApp has rolled out the weekly details of another vulnerability, CVE-2022-27492, which was rated ‘high’ in severity at 7.8 out of 10. With this, it will allow the hackers to run malicious code on a victim’s iOS device after it sends a malicious video file.

What Will Happen Now?

At the moment, WhatsApp is putting its full efforts into overcoming this problem and fixing the bug. However, an intelligence researcher of Malwarebytes, Pieter Arntz, has said, ‘The manipulation with an unknown input leads to a memory corruption vulnerability. To exploit the vulnerability, attackers would have to drop a crafted video file on the user’s WhatsApp messenger and convince the user to play it.’

Leave a Comment