WhatsApp is not safe, just a GIF to steal your data

A computer researcher has discovered a vulnerability on WhatsApp very dangerous: just send a malicious GIF to take control of the device

Update WhatsApp, immediately. Otherwise, a hacker could steal the data and messages on your smartphone. Raising the alarm is a computer researcher (who goes by the name Awakened) who discovered a bug within the world's most used messaging application. It is enough to send a malicious GIF to a user to take possession of his device and get all his personal data.

A very serious vulnerability if you think about the amount of information on our devices and that daily we share on WhatsApp. The bug discovered by the computer researcher is quite anomalous and not very common in the world of computing. It is identified by the name of "double-free" vulnerability and is related to a problem of corruption of the memory of the smartphone that can crash the device, or, as in the case of WhatsApp, open a door to hackers who can "enter" undisturbed and steal personal data. And all because of a very simple GIF, one of the most shared content on the messaging app.

The IT researcher promptly informed WhatsApp that it has already released a security patch that fixes the vulnerability. To make sure you are not a victim of the bug, you need to update WhatsApp to version 2.19.244. It is necessary to emphasize that the vulnerability only affects Android devices.

Why your data on WhatsApp is in danger

As explained by the computer researcher, just sending a simple malicious GIF is enough to infect your smartphone with an exploit, a particular type of virus that exploits a bug or vulnerability to "open the doors" of a device to a hacker. And that's exactly what happens with the WhatsApp bug. Once the GIF is sent, the user who receives it and decides to open it is infected and the hacker takes control of his device remotely.

The vulnerability is related to WhatsApp's Gallery, the system used by the app to show images and videos received from its contacts. According to tests carried out by the IT researcher, the exploit only works on smartphones running Android 8.1 and Android 9.0, while with older versions it crashes the WhatsApp app.

How to defend yourself against WhatsApp vulnerability

The IT researcher immediately alerted WhatsApp's technicians, who promptly fixed the bug and released a new version of the app, number 2.19.244. That's why we recommend you to update the app immediately, to make sure you are not affected by the exploit.

A WhatsApp spokesperson confirmed the existence of the bug and the patch that fixes the problem. Releasing a statement to the thenextweb.com portal, he reassured users by saying that no one has been affected by the vulnerability.