WhatsApp Vulnerability Allows For an Attacker to Crash The App and Delete Group Chats

WhatsApp, once again, marginally escaped a serious security threat. As revealed, a WhatsApp vulnerability allowed an attacker to crash the app across multiple devices and permanently delete group chats.

WhatsApp Vulnerability Deleting Group Chats

Researchers from Check Point Research have once again highlighted a serious vulnerability in WhatsApp.

The present revelation is an extension of Check Point’s previous findings and the development of the WhatsApp Protocol Decryption Burp Tool. In August, the researchers elaborated on how exploiting a bug could allow a potential attacker to manipulate WhatsApp chats. They also developed the WhatsApp Decryption Tool as a PoC.

Now, they demonstrated how an attacker could crash the WhatsApp app on multiple phones at a time. As elaborated in their blog post, exploiting the bug required a few careful steps from the attacker, including gaining access to the WhatsApp encryption keys, the app’s secret parameters, and establishing a connection with Python server. All these steps could be achieved by using their decryption tool.

Then, after gaining access to the required details, an attacker could simply replace a group participant’s phone number to any ‘non-digit’ value, as seen in the following image.

Source: Check Point Research

Consequently, sending a message to the target group would result in an app crash across the devices of all participants. Moreover, it would also delete the entire chat permanently after a ‘crash loop’. In turn, the victims would have no other option to stop the issue except reinstalling WhatsApp.

The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop. Moreover, the user will not be able to return to the group and all the data that was written and shared in the group is now gone for good. The group cannot be restored after the crash has happened and will have to be deleted in order to stop the crash.

The following video demonstrates the PoC of the attack.

WhatsApp Patched The Bug

After finding this vulnerability in August 2019, Check Point reported it to WhatsApp owners, Facebook. Then, together with the researchers, WhatsApp developers created a fix to address this flaw.

Check Point has confirmed that WhatsApp released the patch with WhatsApp update version 2.19.246 and later.

Users must ensure that their respective devices are running the patched versions of the Facebook-owned WhatsApp to stay safe.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil