WhatsApp Flaw Causes Crashing Loop, Wipes Out Entire Group Chat History
Over one billion people rely WhatsApp on a monthly basis for both personal and business use. Security vulnerabilities could therefore prove detrimental to communication and workflow. If you use WhatsApp, you will definitely want to make sure you have the latest version installed on your device. Security researchers recently discovered a WhatsApp bug that could completely wipe out your group chat histories.
Security researchers at Check Point created a tool referred to as the “WhatsApp Manipulation Tool”. The tool essentially altered the parameters of the app. The researchers were able to use the new parameters to obtain access to the encryption and decryption keys that are generated whenever a user logs into their account. Once they had access to these keys, they could change the phone number of a user to a non-digit character and send out a message to a group. These changes resulted in a crash loop that affected every user in a group message.
Users would need to reinstall the app and delete the original group. The group chat would cease to exist and users would be unable to access the chat’s history. This may not be a major issue for most casual users, but many people use WhatsApp for work. This kind of bug could prove to be incredibly inconvenient for both users and businesses.
The bug was originally discovered in August and the researchers quickly informed WhatsApp. WhatsApp has since issued a fix with WhatsApp version 2.19.58. If you have not already, you will need to update the app to protect yourself from the bug. According to WhatsApp, the bug thankfully had not been exploited by hackers.
WhatsApp also recently released a patch for another bug that could allow hackers access to a user’s conversations, pictures, and private information. Hackers could have potentially remotely accessed a device by sending a user a video file with malicious code. Another bug could have allowed hackers to alter the text of a user’s reply. Security researchers were able to “...reverse-engineer WhatsApp web source code and successfully decrypted WhatsApp traffic.” Fortunately, fixes for both vulnerabilities were released before hackers could take advantage of them.
Security researchers at Check Point created a tool referred to as the “WhatsApp Manipulation Tool”. The tool essentially altered the parameters of the app. The researchers were able to use the new parameters to obtain access to the encryption and decryption keys that are generated whenever a user logs into their account. Once they had access to these keys, they could change the phone number of a user to a non-digit character and send out a message to a group. These changes resulted in a crash loop that affected every user in a group message.
Users would need to reinstall the app and delete the original group. The group chat would cease to exist and users would be unable to access the chat’s history. This may not be a major issue for most casual users, but many people use WhatsApp for work. This kind of bug could prove to be incredibly inconvenient for both users and businesses.
The bug was originally discovered in August and the researchers quickly informed WhatsApp. WhatsApp has since issued a fix with WhatsApp version 2.19.58. If you have not already, you will need to update the app to protect yourself from the bug. According to WhatsApp, the bug thankfully had not been exploited by hackers.
WhatsApp also recently released a patch for another bug that could allow hackers access to a user’s conversations, pictures, and private information. Hackers could have potentially remotely accessed a device by sending a user a video file with malicious code. Another bug could have allowed hackers to alter the text of a user’s reply. Security researchers were able to “...reverse-engineer WhatsApp web source code and successfully decrypted WhatsApp traffic.” Fortunately, fixes for both vulnerabilities were released before hackers could take advantage of them.
