Cybersecurity experts from Check Point Research have uncovered a serious flaw in the popular messaging platform, WhatsApp, that lets hackers crash the app by sending a malicious message.

To launch an attack, the hacker would first have to be a member of the targeted group chat. They would then have to use WhatsApp Web and their browser’s debugging tool to edit specific message parameters to then send the destructive message.

The team at Check Point say that the crash bug is so severe that those affected are forced to uninstall and reinstall the app on their phone or device.

After reinstalling the app, the user will not be able to return to the group chat or access any of the group’s chat history.

The Facebook-owned company was informed of the vulnerability and has since patched it up, however, Check Point is urging users to update the app to the latest version to protect themselves from attack.

Oded Vanunu, Check Point’s head of product vulnerability research, said: “The ability to stop people being able to use WhatsApp and to delete valuable information from group chat histories is a powerful weapon”.

Recommended

Vanunu said that although the bug was discovered in August, his team are not aware of any cases where it has been exploited by hackers.

Whatsapp is a highly popular app with 1.5 billion users globally, therefore, a flaw of this nature could have had a wide reaching impact.

“WhatsApp greatly values the work of the technology community to help us maintain strong security for our users globally,” said WhatsApp Software Engineer Ehren Kret.

“Thanks to the responsible submission from Check Point to our bug bounty program, we quickly resolved this issue for all WhatsApp apps in mid-September.

We have also recently added new controls to prevent people from being added to unwanted groups to avoid communication with untrusted parties all together.”

Like this: Like Loading...