WhatsApp bug allows hackers to hijack phones with bizarre gif

Users of the messaging app should update to the latest version to protect their privacy

Anthony Cuthbertson
Sunday 06 October 2019 03:49 EDT
Comments
Whatsapp bug allows hackers to hijack phones with bizarre gif

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A major security flaw that allows hackers to hijack people's phones by sending them a gif, has been discovered with WhatsApp.

The bug allows hackers to steal files and view chat messages from compromised Android devices.

It was discovered by a researcher who goes by the name Awakened.

The malware, known as a double-free vulnerability, is only triggered if a user opens the specially-created gif in the messaging app.

It works well for phones and devices running Android 8.1 and Android 9, though is less affective with older versions of Google's operating system, the researcher wrote in a detailed blog post describing the hack.

"In the older Android versions, double-free could still be triggered," Awakened said. "However, the app just crashes before reaching to the point that we could control the PC register."

Facebook-owned WhatsApp has issued a fix, though users will need to update to the latest version in order to avoid falling victim to the hack.

A spokesperson for the messaging app told The Independent that they were unaware of any WhatsApp users being affected by the issue.

"The issue was reported and quickly addressed," the spokesperson said. "We have no reason to believe this affected any users, though of course we are always working to provide the latest security features to our users."

Earlier this week it was revealed that the popular messaging app is testing a new feature that will see messages disappear after they are sent.

The introduction of self-destructing messages, which are currently only available in the beta version of the app, brings WhatsApp in line with a number of competitors, including Snapchat and Telegram.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in