WhatsApp bug lets hackers hijack accounts with a video call: Reports
The vulnerability, which affected WhatsApp applications on Apple and Android smartphones, was discovered in late August and was fixed by Facebook in early October, according to a technical disclosure report posted online.Updated: Oct 11, 2018 15:10 IST
A bug in Facebook’s WhatsApp messaging service allowed hackers to take over users’ applications when they answered an incoming video call, technology websites ZDnet and The Register reported on Wednesday.
The vulnerability, which affected WhatsApp applications on Apple and Android smartphones, was discovered in late August and was fixed by Facebook in early October, according to a technical disclosure report posted online.
Facebook did not respond to requests for immediate comment. It is unclear whether the bug was ever used in an attack before it was fixed.
“This is a big deal,” Travis Ormandy, a researcher at Google Project Zero which discovered the bug, said on Twitter. “Just ++answering a call from an attacker could completely compromise WhatsApp.”
Facebook has suffered a string of security-related problems in the last year. The company last week disclosed its worst-ever security breach affecting nearly 50 million accounts.
Update with comment -
A WhatsApp spokesperson said, “WhatsApp cares deeply about the security of our users. We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable. We promptly issued a fix to the latest version of WhatsApp to resolve this issue.”
First Published: Oct 10, 2018 18:12 IST