Facebook says Whatsapp video calling bug fixed

Donna Miller
October 12, 2018

Natalie Silvanovich, a security researcher with Google's Project Zero security research team, discovered the bug in WhatsApp video call.

WhatsApp has fixed a bug in its mobile apps on Android and iOS that could potentially allow hackers to crash the app during a call.

If a WhatsApp user answered the call, the attackers could take over their account using a malformed Real-time Transport Protocol packet. Now that word has gotten out about the gap in security, however, it's even more crucial users grab the latest version.

According to Silvanovich's report, the bug is triggered when a user receives a malformed RTP packet, triggering the corruption error and crashing the application. WhatsApp web users were not impacted because it uses, what is called, WebRTC for video calls.

Silvanovich also published proof-of-concept code and instructions for reproducing an attack. Israel's online intelligence agency recently warned about a widely used account hijacking method that took advantage of improperly secured voicemail inboxes.

Brokers Recommendations on: Barnes & Noble, Inc. (NYSE:BKS)
Susquehanna Fundamental Investments LLC acquired a new stake in shares of Barnes & Noble in the 1st quarter valued at $121,000. Current price level places the company's stock about -38.35% from the 52-week high and 13.79% away from the 52-week low.

"WhatsApp cares deeply about the security of our users", a WhatsApp spokesperson told ZDNet.

"Rumours about Facebook fuelling ads on Whatsapp started popping up at the end of last month, stating that ads are coming to WhatsApp for iOS, and now same happens for Android, Android Headlines reported". We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable.

Facebook has suffered a string of security-related problems in the past year.

Facebook said it reacted "promptly" to fix the issue once it was identified.

In the Cambridge Analytica scandal, data of almost 87 million people was breached upon.

Other reports by

Discuss This Article