There Is A New Security Bug in Facebook’s WhatsApp That Hackers Exploit to Install Spyware in Users Devices
There is a new bug going on in Facebook’s WhatsApp and WhatsApp is on dangerous waters once again.
The vulnerability that has been found influences both users and WhatsApp’s other enterprise apps on all platforms including Windows, Android and IOS.
Last month, WhatsApp tried to quietly patch this bug that could have allowed hackers to access to users devices to steal private conversations as well as files stored in them.
Facebook published the devices that were previously affected by this bug, and the list includes:
- Android versions before 2.19.274
- iOS versions before 2.19.100
- Enterprise Client versions before 2.25.3
- Windows Phone versions before and including 2.18.368
- Business for Android versions before 2.19.104
- Business for iOS versions before 2.19.100
To exploit this vulnerability the hackers only need to send users a crafted MP4, which can quietly install other Spyware apps without notifying the user at all. And in order to do that, all hackers need is the users phone number.
The severity of this bug is similar to Whatsapp previous VoIP Call Vulnerability that was exploited before by an Israel-based company (NSO group) to install another spyware, which Facebook in turn sued the said company for misusing WhatsApp’s service to target its users.
In the meantime, users are adviced to disable all auto-download features for videos, audios and images.