WhatsApp: make it dangerous through a GIF. Update the application immediately if you have the update
A very important problem what in these hours is concerning WhatsApp Messenger on users’ smartphones. A GIF would make image management vulnerable by allowing hackers to enter smartphones. Here’s how to understand the problem and how to solve it.
A simple GIF of those that all users that use WhatsApp Messenger exchange daily in their messages, could be more dangerous than you think. The alarm comes from Singapore, from a hacker called ” Awakened ” who has discovered the vulnerability of the ” double-free ” capable of allowing the bad guys to enter the smartphone of unsuspecting users through the image gallery.
A problem that has already been reported to WhatsApp, which immediately acted by blocking the vulnerability through an update that the company has already put online in the various stores for Android and iOS.
WhatsApp: How hackers could act
The problem that came to WhatsApp stems from a bug in the image library.
” libdpl_droidsonroids_gif.so ” which is easily exploited by expert hackers to execute a so-called ” shellcode “, a code created ad hoc of type RCE (Remote Code Execution) to infect the smartphone. In a nutshell, it is a so-called ” memory corruption ” attack where the program just crashes and at its new upload it encounters the hacker’s code that could be a spyware ready to spy on any kind of data on the smartphone from the phonebook, to emails not to mention SMS, chat or other.
In this case, the malicious code could also act autonomously and send images or GIF to other users without the owner noticing.
An important attack that could also lead to identity theft with the possibility for the agent hacker to use the personal data of unsuspecting users to carry out actions that are not entirely regular, such as selling counterfeit goods, or even botnets for cyber attacks.
WhatsApp: Which versions are at risk?
The problem seems to be more limited than one might think given that the hacker code can only be exploited in the versions of Android 8.1 and 9.0 in the WhatsApp version 2.19.244. We recommend to those who have this version or a previous one to immediately update the messaging application or their smartphone to a higher version of the operating system in order to ensure protection against this vulnerability.
We remind you that as established by the developers, WhatsApp will no longer be available for smartphones:
- Android with version 2.3.7 or earlier (from 1 February 2020)
- iPhone with version of iOS 8 or earlier (from 1 February 2020)
- Smartphone with Windows Phone (from December 2019)
- Smartphone with BlackBerry OS (already deactivated from December 2017)
- Smartphone with BlackBerry 10 (already deactivated from December 2017)
- Nokia S40 and S60 (already deactivated since December 2017)
To understand which type of operating system version you have, it will be enough to set up your smartphone on your settings. Specifically:
- Android : Settings -> System -> About and you will find the Android version
- iOS : Settings -> General -> Info / Software update and you will find the iOS version.