WhatsApp can be crashed by sending long emoji-filled messages, says researcher
The only way that the problem can be overcome is to delete a messaging history — potentially deleting incriminating information, the researcher who found the problem has pointed out
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A simple WhatsApp trick could force the app to crash on people’s phones, potentially endangering their data.
The app has a vulnerability that allows people to send long messages that could shut down their phones, according to a security researcher.
If a person uses the web version of the app to send a message of around 5,000 emoji, the mobile app that receives it will crash and force itself to shut down, the researchers say. The only way to continue to use the app is to delete the message history and then re-open the conversation.
The app does have a character limit, presumably intended in part to avoid messages so long that the app can’t handle it. But that limit is too small — the app starts to slow down at around 4,500 messages, but people can send up to 6,000.
The problem appears only to affect the Android version of WhatsApp, which is used by over a billion people. It causes problems for the iOS app, but it doesn’t crash it entirely.
Researcher Indrajeet Bhuyan said that the flaw could potentially be used by people to send messages and then force people to get rid of any evidence that they were ever actually sent.
“Suppose an attacker have send an abusive message or is blackmailing a victim,” Mr Bhuyan wrote in a blog post. “Now the victim cannot show the message as proof as once the victim receive the smiley […] the whole chat with the attacker would crash and the victim won’t be able to open it.
“The victim will have to delete the entire chat with the attacker in order to use WhatsApp normally.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments