Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

WhatsApp bug allows hackers to hijack phones with bizarre gif

Users of the messaging app should update to the latest version to protect their privacy

Anthony Cuthbertson
Sunday 06 October 2019 08:49 BST
Comments
Whatsapp bug allows hackers to hijack phones with bizarre gif

A major security flaw that allows hackers to hijack people's phones by sending them a gif, has been discovered with WhatsApp.

The bug allows hackers to steal files and view chat messages from compromised Android devices.

It was discovered by a researcher who goes by the name Awakened.

The malware, known as a double-free vulnerability, is only triggered if a user opens the specially-created gif in the messaging app.

It works well for phones and devices running Android 8.1 and Android 9, though is less affective with older versions of Google's operating system, the researcher wrote in a detailed blog post describing the hack.

"In the older Android versions, double-free could still be triggered," Awakened said. "However, the app just crashes before reaching to the point that we could control the PC register."

Facebook-owned WhatsApp has issued a fix, though users will need to update to the latest version in order to avoid falling victim to the hack.

A spokesperson for the messaging app told The Independent that they were unaware of any WhatsApp users being affected by the issue.

"The issue was reported and quickly addressed," the spokesperson said. "We have no reason to believe this affected any users, though of course we are always working to provide the latest security features to our users."

Earlier this week it was revealed that the popular messaging app is testing a new feature that will see messages disappear after they are sent.

The introduction of self-destructing messages, which are currently only available in the beta version of the app, brings WhatsApp in line with a number of competitors, including Snapchat and Telegram.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in