About Us Contact us Kannada

New Delhi: If you have received an MP4 video file on WhatsApp from an unknown number, you could be a victim of a new kind of hacking which uses a recently discovered vulnerability of WhatsApp to install malicious spywares in phones.

This security vulnerability allowed a remote attacker to target phones by sending a video file in MP4 format.

When notified about the security breach, the Indian Computer Emergency Response Team (CERT) categorised the threat under "High Severity" category.

Pegasus-like features

Israel-based spyware maker NSO Group was under spotlight recently for allegedly providing technology [Pegasus spyware] that used WhatsApp's video calling feature to attack user's phones.

A security message notified by WhatsApp's parent company Facebook said, "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."

Identified as CVE-2019-11931, this vulnerability message is similar to the one received by CERT from WhatsApp during the Pegasus snooping case.

According to the communication, this weakness could allow a remote attacker to force "Denial of Services (DoS) and Remote Code Execution (RCE)" which could be used to compromise any device running Android, iOS or Windows.

An attacker could use a person's cell number to send a video file through WhatsApp and install an unwanted program in their phones exploiting such vulnerability.

This security issue exists on both individual and business versions of the popular messaging app until the updates were rolled out in October earlier this year.

Although the latest security patch from WhatsApp claims to have fixed this problem, WhatsApp and Facebook have not given further details about the extent of possible execution of this exploit.

This comes even as the controversy around WhatsApp snooping refuses to die down, where phones of over a dozen activists, journalists and lawyers were allegedly compromised by an Israel-made spyware.

WhatsApp has been under fire for not providing adequate information to Indian authorities about the extent of attacks during Pegasus breach. The messaging app has sued NSO Group in a US court for violating its terms and conditions.

Government sources had earlier claimed that the information provided by WhatsApp is more of a "technical jargon" which didn't give much information about victims and extent of such attacks. WhatsApp had informed users separately about possible Pegasus attack on their devices.

Similar to the Pegasus incident, this vulnerability is also being called "a stack-based buffer overflow vulnerability".

According to CERT, "The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious mp4 file on victims system."

Courtesy: www.indiatoday.in

Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.

Comments

Kochi (PTI): The Kerala High Court on Tuesday declined to issue any interim order putting on hold the screening of Malayalam film 'L2: Empuraan' starring superstar Mohanlal.

Justice C S Dias ordered to issue notice to the Centre and the Censor Board seeking their stand on the plea by Thrissur-native V V Vijeesh who has claimed that continuing to show the movie poses a risk of inciting communal violence and disturbing public order.

It listed the matter for hearing after the vacation.

The court also questioned whether the petition was filed in publicity interest by the petitioner.

During the brief hearing of the matter, the court also asked what was the problem when the Censor Board had certified the film for public viewing.

It also expressed doubts about the petitioner's intention behind filing the plea.

It also pointed out that no case was filed anywhere against the movie.

The state government said that no case has been lodged against the film in Kerala.

Meanwhile, Antony Perumbavoor, one of the producers of the film, earlier in the day announced that the movie has undergone cuts to remove scenes of little over two minutes.

He said the decision to carry out the edit was a joint one of all the producers and actors, including Mohanlal and Prithviraj Sukumaran, and it was not out of fear of anyone.

The movie has faced intense criticism from the Sangh Parivar with regard to some portions of the film.

'L2: Empuraan', the second part of the 'Lucifer' movie, a trilogy planned by the Prithviraj-Mohanlal team, has become a topic of hot debate over its critique of right-wing politics and the covert mention of the Gujarat riots.

On March 27, the day of the movie's release, the Sangh Parivar vehemently criticised the film on social media, while the Congress and Left platforms celebrated the film for portraying the right-wing politics as "villainous".

All Stories

Prabhsimran, Iyer shine as PBKS beat LSG by 8 wickets
Prabhsimran, Iyer shine as PBKS beat LSG by 8 wickets

Prabhsimran Singh smashed 69 off 34 balls to guide Punjab Kings to a comfortable eight-wicket win over Lucknow Super Giants in an Indian Premier League match here on Tuesday.
Karnataka: Case against MLA's son for taking out march with hunted wild rabbits
Karnataka: Case against MLA's son for taking out march with hunted wild rabbits

A case was registered against Congress MLA Basanagouda Turvihal's son Satish Gouda, his brother and others on Tuesday after purported videos of them allegedly taking out a march displaying hunted wild rabbits hung on shafts in public went viral, police said.
Muslim Personal Law Board urges MPs to oppose Waqf Amendment Bill
Muslim Personal Law Board urges MPs to oppose Waqf Amendment Bill

The All India Muslim Personal Law Board (AIMPLB) has strongly opposed the Waqf Amendment Bill 2024 and has appealed to all secular political parties, including allies of the ruling BJP, to reject it in Parliament.

Copyright © 2025. Vartha Bharati. All rights reserved