WhatsApp is one of the most widely used chat apps but this popularity does not save the platform from bugs and other privacy-related issues that are common these days especially on the Android platform. The cybersecurity researchers at Check Point have spotted a vulnerability in the app which can cause the app to crash on multiple phones in a shared group.
The researchers found that this vulnerability could lead to app crash in loop forcing users to reinstall the app but losing the chat history forever. WhatsApp allows a maximum of 256 members in a group chat today so sliding in amidst such a large number of group members won’t be a very tough task. The vulnerability that has been fixed by the chat company now could have been exploited by the malicious hackers through the use of WhatsApp Web and a debugging tool like Chrome’s DevTools to gain access to a specific message parameter and lead to crashing of the app in the loop.
” In WhatsApp there are many important groups with valuable content. If an attacker uses this technique and crashes one of these groups all chat history will be gone and further communication would be impossible. The impact of this vulnerability is potentially tremendous, since WhatsApp is the main communication service for many people. Thus, the bug compromises the availability of the app which is a crucial for our daily activities. In order to recover from the issue, the users have to uninstall WhatsApp, install it again and remove the group which contains the malicious payload,” said the security researchers in the report.
WhatsApp has fixed the bug starting from its Android version number 2.19.58. “Thanks to the responsible submission from Check Point to our bug bounty programme, we quickly resolved this issue for all WhatsApp apps in mid-September. We have also recently added new controls to prevent people from being added to unwanted groups to avoid communication with untrusted parties all together” said WhatsApp software engineer Ehren Kret. For those who have not updated their WhatsApp in late September, it is recommended that you update your app at the earliest to avoid app crash or losing chat privacy to a hacker.
