Hello helpers!!
Have you ever thought of answering a video call on whatsapp could compromise your phone?
NO?
Everyone likes to video chat with their friends, relatives,etc etc. We all love it to see the faces of our near ones if he/she is 7 seas far! Audio calls can never feel us that way a video call can.
But who knows video calls are also not safe!!
Recently a news came that just by answering a video call on whatsapp messenger could hack your smartphone. Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full access of your WhatsApp just by video calling you over the messaging app.
Natalie Silvanovich discovered and reported about the vulnerability to the whatsapp team with a proof-of-concept in August this year. Whatsapp looked forward this issue and fixed the bug through an update on September 28 in its Android client and on October 3 in its iPhone client.
How does it work?
This vulnerability is a memory heap overflow issue which is injected when a user receives a specially created malformed RTP(Real-time Transport Protocol) packet by a videocall request, which will result in the corruption error and crash the Whatsapp app.
This vulnerable attack can be seen in Android and ios apps, but not in the whatsapp web version because it works on webRTC for video calls.
Another Google Project Zero researcher, Tavis Ormandy, claims that "This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp."
In simple words, hackers just need your phone number to completely hack your phone and look into your conversations, and many more.
How to prevent this attack
- Always update your whatsapp app at regular interval.
- Avoid answering calls from unknown number.This will not allow attakers to inject the malformed RTP packet into your smartphone.
Reports of WhatsApp bug have come from one more place. Last week we saw a report that said Israel government's cyber-security agency has sent out a nation-wide security alert due to a new method of WhatsApp hacking discovered that's done basically via phone's voicemail systems. This vulnerability was first reported in 2017 by an Israeli web developer.
The report explains that voicemail users with their phone numbers often do not change their account's default password which is generally either 0000 or 1234. This puts them at risk. The hacker uses the voicemail system of the phone to take control of the app.
The hacker will ty to enter a legitimate user's phone number while installing new WhatsApp account on his or her own phone. He or she will obviously enter the wrong security one-time code because that code is sent to the actual user's phone number. After several wrong SMS attempts, WhatsApp will show a message to user to go for voice verification. WhatsApp will call the legitimate user's phone and speak the verification code. Now if the user does not answer the call, this code will land up in his or her voicemail. The hacker can access the user's voicemail account and get access to that verification code which can be used to hack the app.
So be safe and help others by spreading this information.
Thank you!
0 comments:
Post a Comment