GIF Images via WhatsApp platform could have resulted in Android Phone Hack

WhatsApp is widely known for its usability in Android devices as it includes various functions incorporating exchanging text and voice messages making voice and audio calls, delivering images, documents and several types of files.

Recently this year in May, a Vietnam-based researcher found the remote code execution vulnerability believing that the code could have been used to steal essential files and information from WhatsApp users. However, it remains unsettled for three months after it was discovered.

This potential dangerous vulnerability helping hackers to execute commands remotely on the WhatsApp platform and dubbed CVE-2019-11932, the flaw which does not exist in the app’s code itself, however, it is included in GIF image libraries placed in Androids.

Data That Hackers Might Get to Know

By manipulating the running malicious payload remotely, the hackers will supposedly be granted the same permissions in the WhatsApp platform. These types of functions refer to:

  • Viewing files, images, videos.
  • Reading text messages and listening to voice messages.
  • Recording audio files.

As we have already mentioned, this flaw is also associated with linking sending GIFs. A GIF – known as Graphics Interchange Format – is a collection of moving images. GIF services are also very well-liked among mass and they can also be delivered through WhatsApp services.

This large issue has been reported to Facebook which is the owner of the WhatsApp platform at the end of July. The company took grave actions against this flaw and released the new WhatsApp version dubbed 2.19.244 including the patch for the CVE-2019-11932 vulnerability.

How to Prevent Potential Attack?

If you also are a WhatsApp user and have not yet updated your communication platform, you should go to the Google Play Store and do it right away to evade the potential danger that is hiding under the flaw. However, the affected GIF library was also fixed by its developer by releasing the new 1.2.18 software version.

Image Credit : Wired UK

Related posts

Leave a Comment