The victim will receive an MP4 media file which is maliciously crafted on WhatsApp from an unknown sender and this is where the ‘hacking’ starts. The MP4 file will most likely play as any other video file but in the background the hacker can execute a malicious code to get access to the victim’s phone.
Explaining the technical details behind it, CERT-IN in its advisory said, “A stack-based buffer overflow vulnerability exists in WhatsApp due to improper parsing of elementary stream metadata of an MP4 file. A remote attacker could exploit this vulnerability by sending a specially crafted MP4 file to the target system. This could trigger a buffer overflow condition leading to execution of arbitrary code by the attacker. The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious crafted mp4 file on victims system.”
“Successful exploitation of this vulnerability could allow the remote attacker to cause Remote Code Execution (RCE) or Denial of Service (DoS) condition, which could lead to further compromise of the system,” it added.
The agency is warning users to upgrade to the latest WhatsApp version immediately. Android users must upgrade to WhatsApp version 2.19.274 at least. Apple iPhone users must upgrade to version 2.19.100.
To check the WhatsApp version on iPhone, go to Settings> tap on ‘Help’ and you will get to see the version number on top. For Android, go to Settings> tap on Help> go to ‘App info’.
This vulnerability also affects “WhatsApp Enterprise Client prior to 2.25.3, WhatsApp for Windows Phone prior to 2.18.368, WhatsApp Business for Android prior to 2.19.104 and WhatsApp Business for iOS prior to 2.19.100,” it said.