WhatsApp can be crashed by sending long emoji-filled messages, says researcher

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

A simple WhatsApp trick could force the app to crash on people’s phones, potentially endangering their data.

The app has a vulnerability that allows people to send long messages that could shut down their phones, according to a security researcher.

If a person uses the web version of the app to send a message of around 5,000 emoji, the mobile app that receives it will crash and force itself to shut down, the researchers say. The only way to continue to use the app is to delete the message history and then re-open the conversation.

The app does have a character limit, presumably intended in part to avoid messages so long that the app can’t handle it. But that limit is too small — the app starts to slow down at around 4,500 messages, but people can send up to 6,000.

The problem appears only to affect the Android version of WhatsApp, which is used by over a billion people. It causes problems for the iOS app, but it doesn’t crash it entirely.

Researcher Indrajeet Bhuyan said that the flaw could potentially be used by people to send messages and then force people to get rid of any evidence that they were ever actually sent.

“Suppose an attacker have send an abusive message or is blackmailing a victim,” Mr Bhuyan wrote in a blog post. “Now the victim cannot show the message as proof as once the victim receive the smiley […] the whole chat with the attacker would crash and the victim won’t be able to open it.

“The victim will have to delete the entire chat with the attacker in order to use WhatsApp normally.”