WhatsApp, security problem: do not download videos and audio files

WhatsApp is not safe: discovered vulnerability that allows a hacker to take control of a smartphone using an audio or video file

If you receive an MP4 file (video or audio) on WhatsApp, do not download it, it could hide malicious code (virus or malware) able to take control of the smartphone. The confirmation comes directly from Facebook (owner of the application) that invites all users to immediately update the application to the latest available version.

The vulnerability was discovered in recent weeks and developers have immediately made a patch to fix the problem. As reported by gbhackers.com, the vulnerability has been classified as "Critical", which means that it endangers millions of users and any hacker could exploit it to his advantage. The whole thing happens through an MP4 file that is sent through WhatsApp. As soon as the user downloads the multimedia content, the cyber-attack starts: arbitrary code is executed that can compromise the smartphone.

How the WhatsApp vulnerability works

No application is perfect, much less WhatsApp. And this is proven by the vulnerability discovered in the last few weeks: all it takes is an MP4 file to give hackers the opportunity to remotely take control of your smartphone. It's not a normal audio or video file, but a particular document designed specifically to exploit the vulnerability. It is a cyber attack designed by real professionals, probably by some hacker for hire.

The functioning of the vulnerability is very simple: once you download the offending MP4 file, it starts executing arbitrary code that allows the hacker to take possession of the smartphone and steal all the data inside.

La vulnerabilità è stata confermata anche da WhatsApp ed è stata contrassegnata dal codice CVE-2019-11931.

Quali versioni di WhatsApp sono a rischio

La vulnerabilità colpisce tutte le versioni di WhatsApp: Android, iOS, Windows Phone e Business. Facebook consiglia gli utenti di aggiornare immediatamente l’applicazione all’ultima versione disponibile. Sono in pericolo gli utenti che utilizzano le seguenti versioni di WhatsApp:

  • Android: versione 2.19.274 o precedente
  • iOS: versione 2.19.100 o precedente
  • Business Android: 2.19.104 o precedente
  • Business iOS: 2.19.100 o precedente
  • Windows Phone: 2.18.368 o precedente.

Per controllare quale versione di WhatsApp è presente sul proprio smartphone è necessario entrare nelle Impostazioni, premere su Aiuto e poi su Info App. Si aprirà una schermata con il numero di versione installata sul proprio dispositivo. In case it is one of the incriminated ones, immediately enter the Google Play Store, App Store or Windows Phone Store and update WhatsApp, there is definitely a newer version available.