It seems that Facebook-owned WhatsApp is not having a good time. Recently, Facebook-owned WhatsApp accepted that the spyware was being used by Israel based company NSO Group to spy on government officials, journalists, activists, lawyers, and various countries globally, including India. Now, the messaging giant has confirmed that there is yet another vulnerability that allows hackers to take control of a user’s WhatsApp data and even the data on their phone. According to WhatsApp, a potential hacker can take control of your phone by sending you an infected video file, in the MP4 format.
Issuing an advisory, Facebook said, “A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.”
This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100,” said Facebook.
Why & how to save our phone from spyware attack:
Our phone do have precious pieces of information stored in it. A malware attack could result in a compromised phone, with the risk of malware being planted to either access data, do a remote takeover of your phone or computing device or even eavesdrop on conversations. A lot of users keep the auto-download option on for media files, and that just makes life easier for hackers.
In a bid to reduce the risk of your WhatsApp data getting compromised is to update the app on your Android phone or the Apple iPhone, from the Play Store or App Store respectively.
Turn off the auto-download option on for media files.