AlternativeTo Logo

WhatsApp has fixed a video call-based account hijack exploit

almost 4 years ago by IanDorfman

The developers of WhatsApp have just patched a serious security exploit that researchers at Google discovered back in August.

The Android and iOS releases of the messaging, voice, and video calling service have been updated to remove the exploit, which was referred to as a "memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation" by Natalie Silvanovich, a Google Project Zero security researcher. The bug enabled attackers to take over a user's installation of the application when answering a video call.

This bug only impacted the Android and iOS versions of WhatsApp and not the web version of it because of the difference in protocols utilized. For Android and iOS, WhatsApp uses the Real-time Transport Protocol (RTP); for the web version, the Web Real-Time Communication ( protocol is used.

In a statement to ZDNet, WhatsApp said that it found no evidence of this exploit being used to attack users.

Further coverage: ZDNet Engadget

WhatsApp iconWhatsApp
  • FreeProprietary
  • Mac
  • Windows
  • Online
  • Android
  • iPhone
  • Android Wear

WhatsApp is an iPhone and Android messaging app which allows you to exchange messages without having to pay for SMS.