Security Alerts WhatsApp Video Call Attack
Thursday, Oct 11, 2018
WhatsApp can be compromised with a video phone call from attackers.
Google Project Zero security researcher, Natalie Silvanovich, found a vulnerability in WhatsApp messenger that could allow an attacker to remotely take control of WhatsApp by establishing a video call over the app.
This is due to a memory heap overflow issue that occurs when the user receives a crafted malformed RTP packet via video call request. Answering this causes the WhatsApp Mobile app to crash and corrupt. Another Google Project Zero researcher, Tavis Ormandy, stated that this could be used to completely compromise WhatsApp.
This effects the iOS and Android app of WhatsApp, but not the web version.
The good news is the issue was acknowledged by WhatsApp and patched on September 28th (Android Client) and October 3rd (iOS).
It is highly recommended that you update your WhatsApp now if you have not already.