Hackers can hack your Whatsapp

WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices


WhatsApp says the specially crafted MP4 file can trigger the remote code execution (RCE) and denial of service (DoS) cyber attack.WhatsApp has flagged another critical security risk for its millions of users on ios, Android and Windows platforms.

The latest security exploit involves malicious MP4 video files which could allow hackers to execute snooping attacks. WhatsApp says these ‘specially crafted MP4 file’ can trigger the remote code execution (RCE) and denial of service (DoS) cyber attack.



The vulnerability — tracked as CVE-2019-11931 — is a stack-based buffer overflow issue that resided in the way previous WhatsApp versions parse the elementary stream metadata of an MP4 file, resulting in denial-of-service or remote code execution attacks.
To remotely exploit the vulnerability, all an attacker needs is the phone number of targeted users and send them a maliciously crafted MP4 file over WhatsApp, which eventually can be programmed to install a malicious backdoor or spyware app on the compromised devices silently.

The issue snowballed into a political one and the Indian government denied either purchasing or planning to purchase the infamous software in question.

"We agree with the government of India's strong statement about the need to safeguard the privacy of all Indian citizens. That is why we've taken this strong action to hold cyber attackers accountable and why WhatsApp is so committed to the protection of all user messages through the product we provide," a WhatsApp spokesperson had said in a statement.

For now, it's recommended for all users to make sure they are running the latest version of WhatsApp on their device and disable auto-downloads of images, audio and video files from the app settings.

"WhatsApp is constantly working to improve the security of our service. We make public reports on potential issues we have fixed consistently with industry best practices. In this instance, there is no reason to believe that users were impacted," WhatsApp told.


Comments

Popular posts from this blog

Some Dark web Links

How to join Cyber Cell or Cyber Crime Department in India || Exam or Direct or Skills???

ATM HACKING TOOL TRENDING ON DARK WEB