Remote Code Execution via GIF

In October 2019, security researcher Awakened revealed a vulnerability in WhatsApp that let hackers take control of the app using a GIF image.

If a hacker were to send a malicious GIF to user, they could compromise the user’s entire chat history. The hackers would be able to see who the user had been saying. They could also see users ‘files, photos, and videos sent through WhatsApp.

The Pegasus Voice Call Attack

The scary attack hacker to access a device simply by placing a WhatsApp voice call to their target. Even if the target did not answer the call, the attack could still be effective., And the target may not even be aware that malware has been installed on their device.

This worked through a method known as buffer overflow.

Socially engineered attacks

Another way that WhatsApp is vulnerable is through socially engineered attacks. These exploit human psychology to steal information or spread misinformation.

Media File jacking

The attack starts by installing malware hidden inside an apparently harmless app.

This can then monitor incoming files for Telegram or WhatsApp. When a new file comes in, the malware can swap out the real file for a fake one.

Facebook Could spy on WhatsApp chats.

The fact WhatsApp uses end-to-end encryption does not mean all messages are private. On an operating system like IOS 8 or above, app can access files in a “shared container”.

Both the Facebook and WhatsApp apps use the same shared container on devices.

And while chats are encrypted when they are sent, they are not necessarily encrypted on the originating device. This means the Facebook app could potentially copy information from the WhatsApp app.

Paid Third Party App

You would be surprised how many paid legal apps have sprung up in the market that solely exist for hacking into secure systems.

It is used to target activists and journalists; or by cybercriminals, intent on getting your personal information.

Fake WhatsApp clone

Using fake websites clones for installing malware is an old hacking strategy till implemented by many hackers all over the world.

WhatsApp Web

As handy as the web version is, it can be easily used to hack into your WhatsApp chats. This danger arises when you are using the WhatsApp web on someone else’s computer.

Leave a Reply

Your email address will not be published. Required fields are marked *