Close

WhatsApp exploit let one user render the app unusable for entire groups

Sponsored Links


SOPA Images via Getty Images

WhatsApp may be one of the most popular messaging apps, but it has had its share of security issues. Recently, security research group Check Point Research announced it uncovered a defect through which a single malicious user could crash the apps of all members of a group chat.

After a group chat, a user could edit specific message parameters using the WhatsApp web interface and a browser debugging tool. Then they could create an “unstoppable crash-loop for all group chat members” which could only be fixed by uninstalling and reinstalling the app. The exploit would prevent members from returning to the group and and also lose all history of the chat.

This follows another WhatsApp vulnerability discovered by Check Point last year. The FakesApp vulnerability, as it is known, allowed people to manipulate messages in group chats to make it appear as if other users had said things they had not. This worked by manipulating the parameters used by the WhatsApp web interface to fake the apparent sender of a message.

After finding the latest defect, Check Point disclosed the problem to WhatsApp in August as part of a bug bounty program. WhatsApp patched the issue in September with version 2.19.58, so take this as a reminder to keep your apps up to date.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comment



Comments

Share

Tweet

Share



Save