Emojis, stickers and especially GIFs are very popular with WhatsApp users. A hack, however, makes the moving pictures extremely dangerous.
- A serious security vulnerability in WhatsApp * is exploited by hackers.
- An apparently harmless GIF allows strangers to access your messages .
- The hacked file uses a nasty bug .
Munich - WhatsApp is once again struggling with a serious security hole . Strangers can read your chats. All they need is an apparently harmless GIF .
The moving pictures have been extremely popular since their introduction to WhatsApp . Who does not know when the group clips are used almost exclusively to communicate with the short clips?
WhatsApp: GIFs are popular, but are now a big problem
Although GIFs are often funnier and more suitable than emojis or stickers, they harbor a serious security hole , which has now been uncovered, as the technology portal futurezone.de reports. A single GIF allows strangers to access your chat .
The hackers use a manipulated file for this. Unsurprisingly, this can be sent to your cell phone via an already hacked app, or - the far more insidious variant - simply sent to you via GIF .
It is not the first time that the anonymity of messages and chat histories has been attacked through a simple message. However, the GIF hack even intervenes in the program code .
WhatsApp hack: This is how strangers can get into your chat with a GIF
Once opened, the hacked image file is released with an almost simple trick memory and writes its own code in your program with which all information and chat processes are made accessible. This possibility to intervene in the program code is a serious security hole and is made possible by the so-called double-free bug (link to Wikipedia.de).
In order to open a Graphics Interchange Format (short: GIF) , WhatsApp has to load the images it contains onto the device. For this, the chat program receives the command from the file to open storage space. If the code " free () " is used twice or more, WhatsApp gets mixed up. The multiple release of memory is not defined in the program , which is why security mechanisms can no longer apply.
Vote: What do you think of language assistants?
WhatsApp problem: new patch eliminates dangers of GIFs
Fortunately, WhatsApp owner Facebook has also become aware of this hacking option and prevents the intervention in a new patch . As of version 2.19.244 , WhatsApp is protected against such "double-free" attacks . WhatsApp for the PC can also fend off the hack attempt.
A small consolation for many smartphone owners. The group announced drastic changes for 2020. Many cell phones, or rather their operating systems, are no longer supported and no longer receive updates. The security gap remains for these users. After all, nothing will change in terms of usage *.
* Merkur.de is part of the nationwide editorial network of Ippen-Digital.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/Z45E6KV7VJGUXAKJWH7VA4NJSE.jpg)
