4 ways your whatsapp can be compromised

Here are some ways that WhatsApp can be hacked.

1. Remote Code Execution via GIF

In October 2019, security researcher Awakened revealed a vulnerability in WhatsApp that let hackers take control of the app using a GIF image. The hack works by taking advantage of the way that WhatsApp processes images when the user opens the Gallery view to send a media file.

When this happens, the app parses the GIF in order to show a preview of the file. GIF files are special because they have multiple encoded frames. This means that code can be hidden within the image.

If a hacker were to send a malicious GIF to a user, they could compromise the user’s entire chat history. The hackers would be able to see who the user had been messaging and what they had been saying. They could also see users’ files, photos, and videos sent through WhatsApp.

The vulnerability affected versions of WhatsApp up to 2.19.230 on Android 8.1 and 9. Fortunately, Awakened disclosed the vulnerability responsibly and Facebook, which owns WhatsApp, has been able to patch the issue. To keep yourself safe from this problem, you should update WhatsApp to version 2.19.244 or above.

2. The Pegasus Voice Call Attack
Another WhatsApp vulnerability discovered in early 2019 was the Pegasus voice call hack. This scary attack allowed hackers to access a device simply by placing a WhatsApp voice call to their target. Even if the target didn’t answer the call, the attack could still be effective. And the target may not even be aware that malware has been installed on their device.

This worked through a method known as buffer overflow. This is where an attack deliberately puts too much code into a small buffer so that it “overflows” and writes code into a location it shouldn’t be able to access. When the hacker can run code in a location that should be secure, they can take malicious actions.

In the case of this attack, it installed an older and well-known piece of spyware called Pegasus. This allowed hackers to collect data on phone calls, messages, photos, and video. It even let them activate devices’ cameras and microphones to take recordings.

This vulnerability applied to Android, iOS, Windows 10 Mobile, and Tizen devices. It was used by the Israeli firm NSO Group which has been accused of spying on Amnesty International staff and other human rights activists. After news of the hack broke, WhatsApp was updated to protect it from this attack.

If you are running WhatsApp version 2.19.134 or earlier on Android or version 2.19.51 or earlier on iOS, then you need to update your app immediately.

3. Socially Engineered Attacks

Another way that WhatsApp is vulnerable is through socially engineered attacks.These exploit human psychology to steal information or spread misinformation. This allowed people to misuse the quote feature in group chat and to alter the text of another person’s reply. Essentially, it allows hackers to plant fake statements that appear to be from other legitimate users.

4. Media File Jacking
A vulnerability which affects both WhatsApp and Telegram is media file jacking. This attack takes advantage of the way that apps receive media files like photos or videos and write those files to a device’s external storage. more  

View all 12 comments Below 12 comments
very useful warning more  
real world is certainly better then more  
an useful write up by Ms Reeta Kumar more  
Having known all this, people are enthused and encouraged to use Whatsapp. This is like digging one's own grave. more  
How to spot and neutralize is the question more  
Post a Comment

Related Posts

    • COMMUNITY PETS OR PESTS for GENERAL PUBLIC – STRAY DOGS - it is a problem faced nation wide:

      The place for pets is at home, not roaming the streets. Over time, stray dogs on the streets often become aggressive, fighting amongst themselves and terrifying pedestrians. These encounters can es...

      By Jayakumar Daniel
      /
    • 53 commonly used drugs unsafe failed quality test

      53 medicines including paracetamol failed in quality test!! Attached is the full list. Apart from vitamins, sugar and blood pressure medicines, antibiotics are also included in the list...

      By Amit Mishra
      /
    • Devices becoming bimba

      As we saw in Lebanon how pagers and walkie talkie were exploded by the israelis, devices will be used for surveillance and attacks of different kinds in the not so far future. Medical de...

      By Ruchika L Maheshwari
      /
    • AVOIDABLE TRAGEDY

      The majority of Indians are deeply spiritual, with a wide array of religious beliefs. This diversity in belief is not inherently problematic; in fact, many people seek the grace of the Almighty for...

      By Jayakumar Daniel
      /
    • Drugs that have failed quality tests

      Full list of drugs that failed quality tests. Do share with friends family so if they are taking them they find replacements or consult Doctors Cyra Tablets, Rabeprazole Sodium Tablets I...

      By Sarita Ravichandran
      /
    • Bhartiya Nyay Sanhita needs to be rolled back

      In just 15 days, from the 01st of July, the Indian law system will be turned on its head. The BNS is about to begin. Bharatiya Nyay Sanhita (BNS) gives massive powers to local...

      By Ruchika L Maheshwari
      /
    • Band-Aid causing cancer

      Cancer-causing forever chemicals found in BAND-AIDS where they can get directly into blood through open wounds, report warns Bandages from some of the most well-reputed brands, including...

      By Radha Puri
      /
    • Heatwave Alert

      All do’s and don’t issued by sarkar attached

      By Sneha Goyal
      /
    • How to know if phone security is compromised

      Important Thread: 9 Signs Your Phone’s Security Is Compromised! The phone tapping case, which has been making headlines in Telangana, has sparked concerns about the privacy and sec...

      By Garima Sharma
      /
    • Words of ex CBI director Nageshwar Rao today

      Every Indian’s Aadhar Card, PAN Card, Bank Account, Passport, Driving License, FasTag, DigiYatra, Mobile, DigiLocker, Property and Vehicle Registration, Payments, etc are all digitised and li...

      By Rajesh Suri
      /
    • WHY ARE DOGS ROAMING THE STREETS?

      It is reported that a 7 month old Baby has been mauled to death. It appears the Baby was left unattended by a Cleaning Staff. But who let the dogs out on Streets. ? Their place is in human homes a...

      By Jayakumar Daniel
      /
Share
Enter your email and mobile number and we will send you the instructions

Note - The email can sometime gets delivered to the spam folder, so the instruction will be send to your mobile as well

All My Circles
Invite to
(Maximum 500 email ids allowed.)