WhatsApp users are vulnerable to a new cyber threat from Malicious Video Files

    WhatsApp users all over the world should make a note of the new mobile security alert where researchers claim that hackers could easily take control of a phone just by sending an infected video file in MP4 format.


    Going deep into the details, the Facebook-owned subsidiary is back in the news after last week’s Pegasus spyware attack as security researchers from the Indian Computer Emergency Response Team (CERT-IN) have discovered a new bug which allows hackers take control of an Apple iPhone or an Android device through a malicious video file.


    As the cyber threat alert is classified as “High” the CERT-In has passed on the info to UK’s NCSC and US DHS which have taken note of the situation and have respectively issued a warning early today.


    Technically speaking, MP4 is a video compression format that allows the distribution of videos, audios, and subtitles through messaging apps.


    Security researchers from the Indian Cyber Security team have discovered a loophole in WhatsApp which is reported to be allowing hackers to add malware on users’ devices and steal sensitive info like photos, videos, contacts, and messages- along with technique to install spying malware.


    As it helps bad guys to access victims’ phones through remote code execution, the cyber threat is mediated to be extremely high.

    Affected WhatsApp versions include 2.19.274 ( Android), 2.19.100 (iOS), 2.25.3(enterprise client versions), Windows Phone 2.18.368.


    And the only way to keep your phones secured from such infections is to update your WhatsApp app with the latest version from the Android Play Store or Apple App Store.


    Note- Early this month, Facebook confirmed that it is going to sue NSO Group for planting Pegasus spying malware on more than 1400 smartphones without the knowledge of the company and consent from the users.


    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display