A bug in the filter allowed attackers to access your data

Popular application WhatsApp it has never been one of the best security communication tools. According to TheHackerNews, the last example is an error in its filter for editing photos before sending them.

Due to a bug, it was possible to crash the WhatsApp application

An error has occurred in the filter that allows a user to edit a photo before sending it to another user. With its help, the attacker could send the victim a malicious file in GIF image format and then gain access to his data. The bug was detected in WhatsApp for Android versions v2.21.1.13 and WhatsApp Business version v2.21.1.13.

Check Point Research, a cyber security company, discovered the bug on the WhatsApp platform as early as November 10, 2020, alerting the service owner to it. This is, of course, Facebook. The security company also stated that it managed to crash the WhatsApp application by switching between different filters in malicious GIF files.

In the meantime, Facebook has already fixed the mistake

The problem was specifically rooted in the “applyFilterIntoBuffer ()” function, which handles image filters. When it downloads the source image, it applies the filter selected by the user and copies the result to the destination cache. Using reverse engineering from the “libwhatsapp.so” library, experts found that the vulnerable feature relied on the assumption that the source and filtered images had the same dimensions as well as the same RGBA color format.

The RGBA pixel is 4 bytes in size, so an attacker only needs to use a 1-byte pixel to overflow the cache when it is reloaded 4 times. The malicious file can then be copied to the victim’s device, overwrite WhatsApp files, and gain access to user data on the device.

The service stated that it was unaware of the abuse of this bug against its users. After version 2.21.1.13, Facebook added two new source and filtered image checks to ensure that both the source and filter images are in true RGBA format. This should prevent malicious files from being sent.