Message Modifications Could Crash the App
The report explains that once on a group chat, a malicious user could edit some messages with a browser debugging tool available on the app’s web platform. By doing this, they could create any stoppable crash loop for every group member, which will both wipe their chat histories and recent them from returning to the group.The only way to fix this, the cybersecurity firm notes, is to uninstall the app and download it again. Oded Vanunu, the Head of Product Vulnerability Research at the firm, said, “Because WhatsApp is one of the world’s leading communication channels for consumers, businesses and government agencies, the ability to stop people using WhatsApp and delete valuable information from group chats is a powerful weapon for bad actors.” He added that to protect themselves, users will need to update their apps to the latest version. The bug was first discovered back in August and had been reported to WhatsApp as part of a bug bounty program. In response, the company released a bug fix for it in the version 2.19.246. WhatsApp Software Engineer Ehren alert confirmed the patch, adding that the company has also added stronger controls to prevent people from being added to unwanted WhatsApp groups for their privacy.One of the most popular features of WhatsApp is group messaging, but recent stumbles in group chat security—including a bug that could have let hackers crash the app entirely—have shown that WhatsApp may need to keep a closer eye on these communal hubs. https://t.co/IMPuahNVnA
— WIRED (@WIRED) December 17, 2019
British Politicians Leave WhatsApp
Security vulnerabilities are undoubtedly not new to WhatsApp, or its parent company Facebook. Still, it’s popularity over a lot of its competitors remains intact. WhatsApp currently has 1.5 billion monthly active users, with about 65 billion messages being sent on its platform daily.Earlier this week, members of the British parliament reportedly ditched Whatsapp for Signal over issues of data leaks. Signal is one of WhatsApp’s major rivals, and the app promises encrypted, ad-free communications and the ability to prevent any third parties from reading messages. It’s already been endorsed by Edward Snowden, and this year, the company launched the Signal Foundation and enlisted WhatsApp co-founder Brian Acton as executive chairman. Acton pledged £38 million ($50 million) to the development of the app, and now that parliamentarians have chosen to integrate it into their communications, the app seems to be capping off what has been a great year.After the election — and amid a government push for breaking end-to-end encryption — Conservative MPs are downloading Signal, which has the added benefit of auto-deleting messages https://t.co/hQ94YzZOII
— Mark Di Stefano (@MarkDiStef) December 17, 2019
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.