WhatsApp, once again, marginally escaped a serious security threat. As revealed, a WhatsApp vulnerability allowed an attacker to crash the app across multiple devices and permanently delete group chats.
Researchers from Check Point Research have once again highlighted a serious vulnerability in WhatsApp.
The present revelation is an extension of Check Point’s previous findings and the development of the WhatsApp Protocol Decryption Burp Tool. In August, the researchers elaborated on how exploiting a bug could allow a potential attacker to manipulate WhatsApp chats. They also developed the WhatsApp Decryption Tool as a PoC.
Now, they demonstrated how an attacker could crash the WhatsApp app on multiple phones at a time. As elaborated in their blog post, exploiting the bug required a few careful steps from the attacker, including gaining access to the WhatsApp encryption keys, the app’s secret parameters, and establishing a connection with Python server. All these steps could be achieved by using their decryption tool.
Then, after gaining access to the required details, an attacker could simply replace a group participant’s phone number to any ‘non-digit’ value, as seen in the following image.
Consequently, sending a message to the target group would result in an app crash across the devices of all participants. Moreover, it would also delete the entire chat permanently after a ‘crash loop’. In turn, the victims would have no other option to stop the issue except reinstalling WhatsApp.
The following video demonstrates the PoC of the attack.