New WhatsApp vulnerability leaves you at risk

A new WhatsApp vulnerability has been discovered that puts users of the Facebook-owned messaging application, which has over 1.5 billion users in over 180 countries, at risk.

The vulnerability obstructs access to WhatsApp messenger for a group of users by causing a crash loop, resulting in the loss of users' data.

The bug was discovered in August 2019 and responsibly reported to WhatsApp, which confirmed that its developers have fixed the bug.

But TheNewsGuru.com (TNG) found that the vulnerability can still affect users who have yet to update their WhatsApp to version 2.19.246 or later.

Check Point, which discovered the bug, explained in detail in a blog post how threat actors can crash WhatsApp on multiple phones in a shared group.

In a typical scenario, when a user in a WhatsApp group sends a message to the group, the application examines the participant parameter to identify who sent the message. Using Check Point's tool, threat actors would be able to access the parameter and edit it.

In order to exploit the bug, threat actors would need to replace the value of the participant parameter, the sender's phone number, with any non-digit character(s).

When the resulting message is sent to a group on WhatsApp, the application crashes on every phone that is a member of the group.
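
The kind of receiver-side check that keeps a malformed participant value out of message handling, as an added example (not WhatsApp's or Check Point's code). The message layout, the group_id and body fields, and the 5-to-15-digit rule are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumption: a sender id is a phone number of 5 to 15 digits (E.164 allows at most 15).
PHONE_RE = re.compile(r"[0-9]{5,15}")

@dataclass
class GroupMessage:
    group_id: str
    participant: str
    body: str

def parse_participant(raw: object) -> Optional[str]:
    """Return the sender's digits, or None if the field is not a plain phone number."""
    if not isinstance(raw, str):
        return None
    # fullmatch rejects empty strings, letters, symbols and trailing junk; the explicit
    # [0-9] class also rejects non-ASCII digits that \d or str.isdigit() would accept.
    return raw if PHONE_RE.fullmatch(raw) else None

def process_incoming(messages):
    """Split incoming group messages into accepted and rejected, never raising."""
    accepted, rejected = [], []
    for raw in messages:
        sender = parse_participant(raw.get("participant")) if isinstance(raw, dict) else None
        if sender is None or not isinstance(raw.get("body"), str):
            # Reject before the message is stored or rendered.
            rejected.append(raw)
            continue
        accepted.append(GroupMessage(str(raw.get("group_id", "")), sender, raw["body"]))
    return accepted, rejected

# Constructed sample input (not captured traffic).
SAMPLE = [
    {"group_id": "g1", "participant": "15550100001", "body": "hello"},
    {"group_id": "g1", "participant": "abc", "body": "x"},
    {"group_id": "g1", "participant": "", "body": "x"},
    {"group_id": "g1", "participant": "\u0661\u0662\u0663\u0664\u0665\u0666", "body": "x"},  # Arabic-Indic digits
    {"group_id": "g1", "body": "no participant field"},
    {"group_id": "g1", "participant": 15550100001, "body": "wrong type"},
]

if __name__ == "__main__":
    ok, bad = process_incoming(SAMPLE)
    print(len(ok), "accepted;", len(bad), "rejected")
```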

The bug crashes the app, and the app keeps crashing even after WhatsApp is reopened, resulting in a crash loop. Moreover, the user will not be able to return to the group, and all the data that was written and shared in the group is gone forever.

The group cannot be restored after the crash has happened and will have to be deleted in order to stop the crash.

In WhatsApp there are many important groups with valuable content. If an attacker uses this technique and crashes one of these groups, all chat history will be gone and further communication will be impossible.

The impact of this vulnerability is potentially tremendous, since WhatsApp is the main communication service for many people. Thus, the bug compromises the availability of the app, which is crucial for our daily activities.

In order to recover from the issue, the user has to uninstall WhatsApp, install it again and remove the group which contains the malicious payload.