Hackers GuruHackers Guru
  • Home
  • About Us
  • Courses
  • Blog
  • Contact
  • Cyber Camp
  • Aristi
  • Securign
November 19, 2019 by Sharath

WhatsApp Vulnerability

WhatsApp Vulnerability
November 19, 2019 by Sharath

WhatsApp Vulnerability – Allowing Hackers to Perform DOS Attack by Sending Crafted MP4 File

Last week Facebook has disclosed the existence of a critical Whatsapp vulnerability which is classified as a stack-buffer overflow issue. This flaw will allow the attacker to remotely access files stored in the app and messages.

whatsapp vulnerability

There are over 1.5 billion monthly active users all over the world and in India alone there is 400 million active users.

A WhatsApp official had written letters to CERT-in informing that a specific number of Indian users were effected and data was stolen from their smartphones.

The flaw is tracked as  CVE-2019-11931 and was caused by how the encrypted messaging app parses.MP4 elementary stream metadata.

Facebook, further noted in its advisory that WhatsApp breach could also result in a Denial of Service (DoS) attack.

There are no reports of the WhatsApp vulnerability being actively exploited. However, it is recommended that users update their software.

The vulnerability could be exploited using malicious MP4 video files which could potentially allow an attacker to remotely access data without any source of authentication.

Version Affected

The vulnerability affected the Android versions before 2.19.274, Business for iOS versions before 2.19.100, iOS versions before 2.19.100, Business for Android versions before 2.19.104, Enterprise Client versions before 2.25.3, Windows Phone versions before and including 2.18.368

Recent WhatsApp Vulnerability

pegasus-breach

The announcement of this flaw comes weeks after the Pegasus breach.

Pegasus is a remote access Trojan (RAT) designed to be remotely installed. This helps the attacker to enable the remote access and control of information, including calls, messages, and location on mobile devices using the Android, iOS, and BlackBerry operating systems.

Pegasus was used to target attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials, including those from India.

NSO’s actions caused damages to WhatsApp of more than $75,000, in addition to injuring its reputation, public trust, and goodwill.

Previous articleTypes of HackersTypes of hacker existNext article Cyber Security 101cyber security

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

About The Blog

We are a team of penetration testers, ethical hackers and security researchers. We are on a mission to developed highly skilled cyber security professionals.

Recent Posts

Exciting Career in Cyber SecurityDecember 13, 2019
Cyber Security 101November 23, 2019
WhatsApp VulnerabilityNovember 19, 2019

Categories

  • Career In Cyber Security
  • Cyber Security

Tags

Best cyber security training institute in Bhopal cyber security training institute cyber security training institute in Bhopal Hackers Guru

Build a future ready career !

Industry needs more then 3 million cyber security professionals who can help them fight the ever growing and complex cyber threats. If you think you have a analytical brain which can solve complex problem than join in, A robust cyber security career is waiting for you.

Know More
Contact US

Get Started

  • Home
  • About
  • Courses
  • Contact

Courses

  • Web App Penetration Test
  • Network Penetration Test
  • Wireless Penetration Test
  • Cyber Incident Detection & Handling

Courses

  • Advance Web Exploitation
  • Metaspolit For Hackers
  • Windows Exploitation
  • Tactical Security Analytics with Siem

Legal

  • Payments & Refunds
  • Terms & Conditions
  • Privacy Policy
  • Disclaimer

© 2019 All Rights Reserved | A venture of Aristi Cyber Tech Private Limited

Facebook-f Twitter Google-plus-g Linkedin Whatsapp Telegram Instagram