Info-tech

Whatsapp malware is disguised as an MP4 file too

Our Bureau Mumbai | Updated on November 19, 2019 Published on November 19, 2019

Representative image

The malware exploits Whatsapp by triggering a stack-based buffer overflow in its memory, according to an advisory issued by the Maharashtra Cyber Police

If your WhatsApp settings allow you to automatically save media files to your device, there is a possibility that your device might be infected with malware, according to a report in The Hindu.

The article said that the Maharashtra Cyber Police on Monday issued an advisory about a vulnerability in WhatsApp, which was discovered by Facebook four days ago. The advisory said that the malware exploits the instant messaging app by triggering a stack-based buffer overflow in its memory.

“The malware is disguised as an MP4 media file and triggers a memory overflow to the buffer memory, which causes the app to lose control over itself for a short period. During this window, taking advantage of the disorientation, the malware embeds itself into the device,” an officer told The Hindu.

Once the malware infects a device, it can use it for any purpose, including a denial of service (DoS) attack or a remote code execution (RCE), the officer said.

The officer further said that what makes the discovery of this vulnerability all the more concerning is that there is currently no clarity on how many times it has already been exploited before it was discovered, and for what purposes. “It is also possible that it was being exploited to be used as a zero-day attack at a later date,” the officer added.

A zero-day attack is one where a pre-discovered vulnerability is exploited to embed malwares with a specific function in a large number of devices, with the function programmed to be triggered on all the devices at a specific day and time, the article said.

“Users are advised to turn off their auto-download option for media files and also not download any MP4 files from an unknown source. WhatsApp has released a patch for the vulnerability on all platforms, and users are advised to install it at the earliest,” Superintendent of Police Balsing Rajput, Maharashtra cyber said, according to the same article.

Published on November 19, 2019
This article is closed for comments.
Please Email the Editor