Crash Your Friends WhatsApp Remotely with Just a Message
Indian researchers have discovered a flaw in WhatsApp that allows anyone to remotely crash the popular mobile app by sending a specially crafted message.A “nice” vulnerability has been discovered in the popular messaging app WhatsApp that could be exploited by an attacker to remotely crash the mobile app just by sending a specially crafted message. The news was reported by two Indian security researchers that contacted the colleagues at ‘The
The two India based researchers, Indrajeet Bhuyan and Saurav Kar, are very young, they are both 17-year old teenagers and have reproduced the exploitation of the vulnerability in the WhatsApp Message Handler.
TheHackersNews portal has published a video PoC in which is demonstrated that by sending a 2000 words (2kb in size) message in a special character set is possible to cause the crash of the WhatsApp recipients’ app.
Code link:- click here
As explained by the researchers, the bug in the WhatsApp is really worrying because in order to restore a normal operation, the targeted user will have to delete his whole conversation and start a new chat session. This anomalous behavior is caused by the presence of the malicious message within the chat messages that will cause the WhatsApp crash unless the chat is deleted completely.
“What makes it more serious is that one needs to delete entire chat with the person they are chatting to in order to get back whatsapp work in normal,” Bhuyan told THN in an e-mail.
The serious flaw affects most of the Android versions currently available on the market including Jellybean, Kitkat, and all the below android versions.
Also WhatsApp groups are seriously impacted by the vulnerability, an attackers could intentionally send a specially crafted message to exit people from the group and delete the group. Just by sending a specially crafted message is possible to avoid that a member of the group maintains trace of attacker’ chat with him, because the message will cause the crash of the targets.
The Indian researchers still haven’t massively tested the flaw in iOS version of WhatsApp, meanwhile the attack doesn’t work on Windows 8.1.
Code link:- click here
News Source:- The Hacker News’.