As most of us may be aware, Whatsapp is a free, popular cross-platform messaging service by means of which one can send text messages, voice messages, images, documents and make video calls. It is owned by Facebook and is currently used by over 1.5 billion people worldwide. The conversations that take place on Whatsapp make use of end-to-end encryption.
How did the attack take place?
Whatsapp voice calls are made through VoIP or ‘Voice over Internet protocol’ technology rather than traditional phone lines. While each hack and attack is a different learning experience, here is the learning from the latest Whatsapp hack:
The Whatsapp hack occurred by taking advantage of the ‘buffer overflow vulnerability’ which has existed for a very long time.
What is a ‘buffer overflow vulnerability’:
A buffer is a series of memory locations that holds integer or character data. When more data is pushed into a buffer than the ‘n’ characters it can hold, the excess overflows into the subsequent memory locations. This is a ‘buffer overflow’ or ‘buffer overrun’. It can cause the system to crash, and this is where hackers step in, exploiting the ‘buffer overflow vulnerability’ to make the program function differently. As an example, if
char a[5];
is defined,
and if
strcpy(a, "What a wonderful world");
is executed, the write runs past the end of the buffer, and the program either crashes or is left open to attack. A ‘buffer overflow’ vulnerability can be mitigated to a certain extent with good programming practices.
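To make the `char a[5]` case above concrete, here is an added C example (not code from the original article or from Whatsapp) that copies the same string once without and once with a length check. The struct layout, the `neighbour` field, its `session-ok` value and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: the 5-byte buffer is followed directly by other data,
   standing in for whatever sits after the buffer in real memory. */
struct record {
    char a[5];
    char neighbour[27];
};

void init_record(struct record *r) {
    memset(r, 0, sizeof *r);
    strcpy(r->neighbour, "session-ok");   /* constructed sample value */
}

/* Unchecked copy: writes all of src starting at a[0], however long it is.
   It addresses the struct as a whole so the spill stays inside this object
   and the demo is well defined; strcpy(r->a, src) would be undefined
   behaviour. The caller keeps strlen(src) < sizeof *r. */
void unchecked_copy(struct record *r, const char *src) {
    memcpy((char *)r, src, strlen(src) + 1);
}

/* Checked copy: rejects input that does not fit in a[] with its terminator.
   Returns 0 on success, -1 if src is too long (nothing is written). */
int checked_copy(struct record *r, const char *src) {
    size_t n = strlen(src);
    if (n >= sizeof r->a)
        return -1;
    memcpy(r->a, src, n + 1);
    return 0;
}

/* Returns 1 if the data after the buffer still holds its original value. */
int neighbour_intact(const struct record *r) {
    return strcmp(r->neighbour, "session-ok") == 0;
}

int main(void) {
    const char *input = "What a wonderful world";  /* 22 chars + terminator */
    struct record r;
    init_record(&r);
    unchecked_copy(&r, input);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&r));
    init_record(&r);
    int rc = checked_copy(&r, input);
    printf("checked:   rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&r));
    return 0;
}
```

The unchecked copy leaves `neighbour` holding the tail of the input, while the checked copy rejects the string and leaves it untouched.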
In the case of the Whatsapp hack, when a VoIP call is made, a VoIP transaction is set up along with encryption. The recipient of the call can accept, decline or ignore the call. It is quite possible that the buffer overflow vulnerability was exploited at this stage and the spyware was injected onto users’ phones.
What happens if my Whatsapp account has been compromised?
If you haven’t received any missed calls from unknown numbers you are probably safe from the attack.
But if your number has been compromised, chances are that the spyware is capable of spying on your pictures and messages, activating your camera and microphone, and carrying out other malicious activities.
What you should do:
Given that Whatsapp is a globally used platform for messaging, it is quite possible that the vulnerability is lurking on every user’s phone.
Hence, it is always good practice to update to the latest version of Whatsapp, which might include fixes for the latest bugs for both Android and Apple systems.