Facebook Inc’s WhatsApp messenger service has announced that it has fixed the bounty bug that reportedly allowed hackers to break into users video call.
Well, it is yet unknown how many users who actually got affected by the bug which allowed hackers to let the app crash during incoming WhatsApp video calls.
According to a report Smartarenapost.com sighted on ZDNet on Wednesday, Facebook-owned WhatsApp, which has over 1.5 billion users, fixed the vulnerability this week. It is yet to be known how many users were affected.
“Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet,” Silvanovich said in a bug report.
“This issue can occur when a WhatsApp user accepts a call from a malicious peer,” she added. She also published proof-of-concept code and instructions on how to reproduce the attack.
Memory corruption bug was found in WhatsApp’s “non-WebRTC” video conferencing implementation. WhatsApp web users were not impacted because it uses, what is called, WebRTC for video calls.
“Last week, Israel’s cyber-intelligence agency sent out an alert about a new hacking technique that relied on poorly secured voicemail inboxes to hijack WhatsApp accounts from their legitimate owners,” said the report.
“WhatsApp cares deeply about the security of our users. We routinely engage with security researchers from around the world to ensure WhatsApp remains safe and reliable. We promptly issued a fix to the latest version of WhatsApp to resolve this issue,” a WhatsApp spokesperson told ZDNet.
The messaging app is used by more than 1.2 billion people around the world.