Imagine you receive a video call on WhatsApp and your phone gets hacked and all your data gets stolen. Scary! Isn’t?
This might sound like a movie scene, but there is something like this is actually happening. Natalie Silvanovich, a Google Project Zero security researcher has discovered a nasty vulnerability in the Facebook-owned messaging app, WhatsApp. The vulnerability is so critical that it can actually compromise a smartphone just by a video call.
According to a published report (along with a proof-of-concept exploit) by the security researcher, the vulnerability is a memory heap overflow issue which gets triggered when the person on the order side of the phone receives the video call. Once the issue is triggered, the attacker can actually corrupt and crashing the WhatsApp mobile app.
Natalie has also mentioned that the vulnerability is only affecting the Android and iOS apps, not the WhatsApp web. The vulnerability was discovered back in August this year. However, WhatsApp patched the issue on September 28 in its Android client and on October 3 in its iPhone client.
Some of the security researchers have also discovered another flaw two months ago. This flaw was also a critical one as it could allow malicious users to intercept and modify messages sent in both private as well as group conversations.