A new WhatsApp scam could be letting hackers steal your account with the video calling feature.
The bug lets hackers crash another person’s phone by video calling them with malicious files.
According to new cybersecurity research, both Android and iPhone users are vulnerable, but you can protect yourself if you make sure you update your app to the latest version available.
The flaw was first discovered by Natalie Silanovich, a Google security researcher.
Memory corruption bug in WhatsApp’s non-WebRTC video conferencing implementation https://t.co/5sCmNznh4P
— Natalie Silvanovich (@natashenka) October 9, 2018
Luckily, the flaw was patched by WhatsApp recently in updated versions for both Android and iPhone apps, but users who haven’t updated could still be at risk.
The web WhatsApp service was never affected.
Another Google researcher, Tavis Ormandy tweeted Natalie’s report and said this flaw was a big deal for WhatsApp user security.
This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp. https://t.co/vjHuWt8JYa
— Tavis Ormandy (@taviso) October 9, 2018
Security analyst, Mohit Kumar, suggested this could be used by a hacker to take over an affected device.
“PoC crashes victim’s WhatsApp, but could it be upgraded to achieve remote code execution?”
Make sure your app is updated, guys.