WhatsApp has understood to have fixed a bug in its Android and iOS mobile app that allowed the hackers to let the app crash during incoming video calls. According to a report in ZDNet on Wednesday, Facebook-owned WhatsApp, which has over 1.5 billion users, fixed the vulnerability this week. It is yet to be known how many users were affected.
The company is yet to issue a statement on this. Natalie Silvanovich, a security researcher with Google's Project Zero security research team, discovered the bug in WhatsApp video call. "Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet," Silvanovich said in a bug report. "This issue can occur when a WhatsApp user accepts a call from a malicious peer," she added.
Memory corruption bug was found in WhatsApp's "non-WebRTC" video conferencing implementation. "Last week, Israel's cyber-intelligence agency sent out an alert about a new hacking technique that relied on poorly secured voicemail inboxes to hijack WhatsApp accounts from their legitimate owners," said the report. In the biggest-ever security breach after Cambridge Analytica scandal, Facebook last month admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys.
Facebook security team discovered the security issue on September 25 which was later fixed. In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.