A security flaw that allows hackers to hijack phones by sending a malicious gif, has been discovered with WhatsApp.
The hack could be triggered when a user opened the GIF in their gallery. After that, the app's contents could have been exploited, revealing previous chat history.
It was discovered by a researcher who goes by the name Awakened.
It works well for phones and devices running Android 8.1 and Android 9, though is less affective with older versions of Google's operating system, the researcher wrote in a detailed blog post describing the hack.
Facebook after being informed of the hack fixed the bug in WhatsApp version 2.19.230.
It even responded to the discovery through a statement to The Next Web - “The key point that the [vulnerability disclosure] makes is that this issue affects the user on the sender side, meaning the issue could in theory occur when the user takes action to send a GIF. The issue would impact their own device.” a WhatsApp person told TNW.
“It was reported and quickly addressed last month. We have no reason to believe this affected any users though of course we are always working to provide the latest security features to our users.”
The researcher then replied saying that WhatsApp’s claim isn’t correct and even shared a demo of how the bug can be triggered.