WhatsApp, the world’s most popular end-to-end encrypted messaging application, patched an incredibly frustrating software bug that could have allowed a malicious group member to crash the messaging app for all members of the same group, The Hacker News learned.
Just by sending a maliciously crafted message to a targeted group, an attacker can trigger a fully-destructive WhatsApp crash-loop, forcing all group members to completely uninstall the app, reinstall it, and remove the group to regain normal function.
Since the group members can’t selectively delete the malicious message without opening the group window and re-triggering the crash-loop, they have to lose the entire group chat history, indefinitely, to get rid of it.
Discovered by researchers at Israeli cybersecurity firm Check Point, the latest bug resided in the WhatsApp’s implementation of XMPP communication protocol that crashes the app when a member with invalid phone number drops a message in the group.
“When we attempt to send a message where the parameter ‘participant’ receives a value of ‘null,’ a ‘Null Pointer Exception’ is thrown,” the researchers explain in a report shared with The Hacker News prior to its release.
“The parser for the participant’s phone number mishandles the input when an illegal phone number is received. When it receives a phone number with a length, not in the ranger 5-20 or a non-digit character, it would read it as a ‘null’ string.”
To be noted, the issue resided in both, WhatsApp for Android and iOS, but in an interview with The Hacker News, Check Point researcher Roman Zaikin confirmed that the exploit works smoothly against all vulnerable Android users, but sometimes doesn’t reproduce on iOS.
The attack requires a malicious group member to manipulate other parameters associated with messages in a conversation that is otherwise protected using end-to-end encryption.
images from Hacker News