A vulnerability discovered in the WhatsApp application that affects Android smartphones allows you to access your private photos and other personal data. All it takes is a modified GIF to exploit this vulnerability that has just been discovered by a security researcher.
The flaw is linked to a corruption of the smartphone's memory that can be exploited by a malicious person to hack into the devices of his victims. All he has to do is send a poxed GIF. The vulnerability is exploited at the next opening of the Gallery application, specifically the WhatsApp folder, as explained in the researcher's report. Users must update as a matter of urgency.
WhatsApp: hackers don't need a GIF to hack into your smartphone
Some versions of Android are more vulnerable to this vulnerability than others. Strangely, these are the most recent versions of the OS. "The vulnerability affects Android 8.1 and 9.0, but does not work for Android 8.0 and earlier," according to the researcher who is identified under the pseudonym Awakened. On older versions, memory corruption can still be triggered. However, due to some system specificities, the application crashes just before reaching the point where a breach can be opened on the smartphone, allowing the installation of malware capable of recovering files, including the WhatsApp message database.
The researcher says he shared his discovery with WhatsApp last month. A patch is available in version 2.19.244 of the messaging application. This is the umpteenth time a vulnerability has been discovered this year. This was already the case last May when we learned that WhatsApp could be hijacked to spy on users. The flaw had been quickly fixed, just as last July when another vulnerability was revealed by the company Symantec.