A new vulnerability has been discovered in WhatsApp's code. It allows an attacker to compromise the integrity of the device on which the application is installed by causing a buffer overflow, and then either executing commands remotely or mounting a denial-of-service attack. All that is needed is a specially crafted MP4 file.
Attack on WhatsApp with an MP4 file
The problem is classified as "critical" and affects the way WhatsApp handles MP4 content. According to information released over the weekend by GBHackers, the flaw is present in the Android releases (before 2.192.74), the iOS releases (prior to 2.19.100), the Enterprise Client (before 2.25.3), Business for Android (before 2.19.104), Business for iOS (prior to 2.19.100) and the Windows Phone edition (up to 2.18.368).
Through an attack of this type, an attacker is potentially able to introduce malicious code onto the device, steal sensitive information from memory (not just messages, but also photos, videos and documents) or activate microphones and cameras to spy on the user.
To be on the safe side, users should keep the application up to date and be wary of opening files or videos (especially those with the MP4 extension) from unknown sources. Facebook stated that it had taken charge of the problem, assigning the vulnerability the identifier CVE-2019-11931, and that it was working hard to remedy it as quickly as possible. At the moment there are no reports of exploits or violations.
Staying on the subject, at the end of October the WhatsApp team brought an accusation against the Israeli NSO Group for having developed the Pegasus spyware, which is able to exploit another vulnerability in the application for espionage purposes, and for putting the tool in the hands of the highest bidder, including governments.