Answering a video call on WhatsApp from a hacker would give them complete control over your WhatsApp account! This hijacking scheme left private messages in the hands of attack artist.
A critical vulnerability was found on the WhatsApp that allowed hackers to remotely commandeer a user’s WhatsApp by video calling over the messaging app.
This vulnerability gets triggered when a user gets a unique crafted malformed Real-time Transport Protocol (RTP) packet through a video call request, which causes a corruption error, crashing the WhatsApp mobile app.
“This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp,” security researchers said.
A Video Call to Hijack WhatsApp Account
Androids and iOS apps are affected by the vulnerability due to the RTP implementation of the Whatsapp, but not WhatsApp Web that relies on WebRTC for video calls.
In a short, hackers just need your phone number to hijack your WhatsApp account and view all your activity such as private messages.
WhatsApp acknowledged this concern and issued a patch on September 28 for the Android client and on October 3 for the iPhone client. So be sure to update your WhatsApp app if you haven’t done so already.
How to protect your WhatsApp account
- Ensure your apps are updated regularly. If you set your apps to update automatically, they’ll always have the latest security patches that have been built to close off known vulnerabilities.
- Turn on two-factor authentication by going to Settings, then Account, and opening Two-step verification. Hit Enable and you’re done.
Two-factor authentication means you will need to confirm whenever you log into WhatsApp via a new device using a second login credential of your choosing.
It’ll block the hackers from using the information they can steal via a video or voice call with your account from taking it over. It is highly recommended that you activate two-factor authentication across your other apps and social accounts wherever possible.
Original Article Found Here.