Facebook-owned messenger app WhatsApp has a deadly bug that allowed cybercriminals take over the account with just accepting one video call.
If the user takes a WhatsApp video call from a stranger or from a known person, but with ill intention, the latter could take over the victim's phone account and syphon off the sensitive contents.
"This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp," Tavis Ormandy, Google Project Zero researcher said on Twitter.
The culprit was 'Memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation,' said Natalie Silvanovich, fellow Google Project Zero expert. "Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet," Silvanovich noted.
What's more serious is that the security loop-hole was found in both the iOS and Android versions, meaning over billion and a half users were vulnerable to getting hacked on WhatsApp. It was detected by Google Project Zero Cybersecurity experts, way back in August, but it was only fixed earlier this month, reported ZDNet.
Should WhatsApp users be worried?
As the fix has been released, there is no reason for concern now. But, to be on safer side, WhatsApp users are advised to exercise caution while receiving video calls from strangers.
Not just in the messenger app, but also while interacting with unknown persons on email, as well. They may sound legit, but they can trick you into revealing bank details and some unfortunate times syphon off your money.
Ads on WhatsApp soon?
In a related development, reports have emerged that Facebook wants to monetize WhatsApp and in that order, it plans to bring ads to the messenger apps. It has come to light that the company might start with ad banners on the users' status section. It is expected to start with the Android version and will be introduced to the iOS platform.