WhatsApp was recently found to be affected by a GIF vulnerability that allowed hackers to gain access to your files and messages by using malicious GIFs.
This was revealed in a technical write-up posted on GitHub by a researcher who goes by the name Awakened. He says that this vulnerability stems from a double-free bug in WhatsApp.
A double-free vulnerability essentially means a memory corruption issue that can crash an app, or even create an opportunity for hackers to obtain access to your device. The double-free vulnerability can simply be exploited by crafting a malicious GIF, and wait for the user to open the WhatsApp gallery.
Awakened believes that the double-free bug resided in WhatsApp‘s Gallery view implementation, which is used to generate previews for images, videos, and GIFs.
“The exploit works well for Android 8.1 and 9.0, but does not work for Android 8.0 and below. In the older Android versions, double-free could still be triggered. However, […] the app just crashes before reaching the point that we could control the PC register,” Awakened said in his write-up.
Notably, WhatsApp has already fixed this issue in the update v2.19.244. Make sure to update your app to version 2.19.244 or above.
WhatsApp also responded to Awakened’s write-up in a statement to The Next Web, where it said:
“The key point that the [vulnerability disclosure] makes is that this issue affects(sic) the user on the sender side, meaning the issue could in theory occur when the user takes action to send a GIF. The issue would impact their own device. It was reported and quickly addressed last month. We have no reason to believe this affected any users though, of course, we are always working to provide the latest security features to our users.”
However, soon after, Awakened responded saying that it’s untrue that a hacker can only pull off the exploit if a “user takes action to send a GIF.” He also shared proof-of-concept footage to show the steps to reproduce the attack.