New Delhi: If you have received an MP4 video file on WhatsApp from an unknown number, you could be a victim of a new kind of hacking which uses a recently discovered vulnerability of WhatsApp to install malicious spywares in phones.

This security vulnerability allowed a remote attacker to target phones by sending a video file in MP4 format.

When notified about the security breach, the Indian Computer Emergency Response Team (CERT) categorised the threat under "High Severity" category.

Pegasus-like features

Israel-based spyware maker NSO Group was under spotlight recently for allegedly providing technology [Pegasus spyware] that used WhatsApp's video calling feature to attack user's phones.

A security message notified by WhatsApp's parent company Facebook said, "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."

Identified as CVE-2019-11931, this vulnerability message is similar to the one received by CERT from WhatsApp during the Pegasus snooping case.

According to the communication, this weakness could allow a remote attacker to force "Denial of Services (DoS) and Remote Code Execution (RCE)" which could be used to compromise any device running Android, iOS or Windows.

An attacker could use a person's cell number to send a video file through WhatsApp and install an unwanted program in their phones exploiting such vulnerability.

This security issue exists on both individual and business versions of the popular messaging app until the updates were rolled out in October earlier this year.

Although the latest security patch from WhatsApp claims to have fixed this problem, WhatsApp and Facebook have not given further details about the extent of possible execution of this exploit.

This comes even as the controversy around WhatsApp snooping refuses to die down, where phones of over a dozen activists, journalists and lawyers were allegedly compromised by an Israel-made spyware.

WhatsApp has been under fire for not providing adequate information to Indian authorities about the extent of attacks during Pegasus breach. The messaging app has sued NSO Group in a US court for violating its terms and conditions.

Government sources had earlier claimed that the information provided by WhatsApp is more of a "technical jargon" which didn't give much information about victims and extent of such attacks. WhatsApp had informed users separately about possible Pegasus attack on their devices.

Similar to the Pegasus incident, this vulnerability is also being called "a stack-based buffer overflow vulnerability".

According to CERT, "The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious mp4 file on victims system."


Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.

Mangaluru, Jan 21: Several people have been questioned and many suspected places searched as part of the probe into finding out the culprit behind the planting of Improvised Explosive Device at Mangaluru International Airport on January 20, city police commissioner P S Harsha said here on Tuesday.

The bag containing possible explosive substances was found by a CISF official at the entry point of the airport on Monday. it was later defused by the bomb squad.

The commissioner said three police teams probing the case are looking into all angles and hoped to crack it at the earliest.

The probe was progressing well and the suspect who planted the IED would be nabbed soon, he said.

Among those questioned was the auto rickshaw driver in whose vehicle the suspect reached the airport.

Police are also trying to find out whether there is any link between the incident and the bomb threat call received later by the terminal manager against a Bengaluru bound IndiGo flight which left hours late after necessary clearance.

The Bomb Disposal and Detection Squad has sent the residue of the controlled explosion of the device carried out at Kenjar to the Forensic Science Laboratory to find out the nature of the explosive.

Harsha said people have been sending photos and videos of persons looking similar to the suspect to the police, which are being examined.

The auto rickshaw driver who carried the suspect to the airport told the police that the man had another bag in his possession which he left at a salon at Kenjar before going to the airport.

He collected the bag on the way back and got down at Pumpwell junction, the driver said.

Meanwhile, a team of the National Security Guard (NSG) arrived at the MIA on Tuesday to conduct a detailed enquiry into Monday's incident.

They examined the spot where the bomb was found and the entry points to the airport.

The team also visited Kenjar where the IED was detonated by the bomb disposal squad and examined the area to find out the power of the explosion.