Most people are aware that Whatsapp is a popular cross-platform messaging platform. It allows users to send text messages, voice messages and documents, as well as video calls. It is owned and used by more than 1.5 billion people around the world. Whatsapp uses end-to-end encryption to protect the conversations.
The Financial Times newspaper reported on May 14th that Whatsapp, owned by Facebook, had a critical vulnerability
It was reported that hackers used Whatsapp voice calls in order to inject spyware onto users’ phones. The best part about the hack was that the spyware could be injected without the user even having to answer the call.
Both iOS and Android users were affected.
Facebook advisory stated that it was a buffer overflow vulnerability in the Whatsapp VoIP stack which allowed remote code execution via SRTCP packets to the target number
CVE-2019-35668 is the name of the vulnerability, which has been fixed.
WhatsApp for Android before v2.19.134, WhatsApp Business Android prior v2.19.44 and WhatsApp for iOS prior v2.19.51, WhatsApp Business iOS prior v2.19.51, WhatsApp Business iOS prior v2.19.51, WhatsApp Business iOS prior v2.19.51, WhatsApp Business iOS prior prior v2.19.51, WhatsApp Business iOS prior v2.19.51, WhatsApp Business iOS prior v2.18.348, WhatsApp for Windows Phone prior v2.19.51, and WhatsApp for Tizen Prior to v2.18.15.
What caused the attack?
VoIP technology is used to make Whatsapp voice calls. This is in addition to traditional phone lines. Each hack and attack is an entirely different learning experience. Here are the lessons from the latest Whatsapp hack.
The Whatsapp hack was made possible by exploiting the buffer overflow vulnerability, which has been around for a long time.
What is a buffer overflow vulnerability?
A buffer is a collection of memory locations that can hold integer or character data. If data is being pushed onto a buffer that can only hold ‘n number of characters, it will overflow and move to subsequent locations. This is called ‘Buffer overload’ or ‘Buffer underrun’. This causes the system crash and hackers exploit this “buffer overflow vulnerability” to make the program work differently. For example, you can use the following:
char a is defined, and ifa=”What an amazing world”;
If the buffer is overflowing, it can cause the system to crash or be vulnerable to attacks. Good programming practices can help to mitigate the ‘buffer overflow’ vulnerability.
In the case of the Whatsapp hack a VoIP transaction is created when a VoIP call has been made. It also includes encryption. The call recipient can accept, decline, or ignore it. There is a chance that the buffer overflow vulnerability was exploited and that spyware was injected onto users’ phones.
What happens if my Whatsapp Account is compromised?
You are likely safe if you don’t receive any missed calls from unknown number.
If your number has been compromised, spyware may be able to spy on your pictures, messages and activate your camera and microphone.
What you should do
It is possible that every phone might have a vulnerability because Whatsapp is such a widely used messaging platform.
It is a good idea to always update to the latest version. This could include fixes for bugs on both Android and Apple systems.