About Us Contact us Kannada

New Delhi: If you have received an MP4 video file on WhatsApp from an unknown number, you could be a victim of a new kind of hacking which uses a recently discovered vulnerability of WhatsApp to install malicious spywares in phones.

This security vulnerability allowed a remote attacker to target phones by sending a video file in MP4 format.

When notified about the security breach, the Indian Computer Emergency Response Team (CERT) categorised the threat under "High Severity" category.

Pegasus-like features

Israel-based spyware maker NSO Group was under spotlight recently for allegedly providing technology [Pegasus spyware] that used WhatsApp's video calling feature to attack user's phones.

A security message notified by WhatsApp's parent company Facebook said, "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."

Identified as CVE-2019-11931, this vulnerability message is similar to the one received by CERT from WhatsApp during the Pegasus snooping case.

According to the communication, this weakness could allow a remote attacker to force "Denial of Services (DoS) and Remote Code Execution (RCE)" which could be used to compromise any device running Android, iOS or Windows.

An attacker could use a person's cell number to send a video file through WhatsApp and install an unwanted program in their phones exploiting such vulnerability.

This security issue exists on both individual and business versions of the popular messaging app until the updates were rolled out in October earlier this year.

Although the latest security patch from WhatsApp claims to have fixed this problem, WhatsApp and Facebook have not given further details about the extent of possible execution of this exploit.

This comes even as the controversy around WhatsApp snooping refuses to die down, where phones of over a dozen activists, journalists and lawyers were allegedly compromised by an Israel-made spyware.

WhatsApp has been under fire for not providing adequate information to Indian authorities about the extent of attacks during Pegasus breach. The messaging app has sued NSO Group in a US court for violating its terms and conditions.

Government sources had earlier claimed that the information provided by WhatsApp is more of a "technical jargon" which didn't give much information about victims and extent of such attacks. WhatsApp had informed users separately about possible Pegasus attack on their devices.

Similar to the Pegasus incident, this vulnerability is also being called "a stack-based buffer overflow vulnerability".

According to CERT, "The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious mp4 file on victims system."

Courtesy: www.indiatoday.in

Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.

Comments

Mumbai (PTI): Ryan Rickelton's whirlwind unbeaten ton was overshadowed by Heinrich Klaasen's unbeaten 65 as Sunrisers Hyderabad defeated Mumbai Indians by six wickets in an IPL match here on Wednesday.

Chasing an imposing 244-run target, Travis Head (76 off 30) and Abhishek Sharma (45 off 24) shared 129 runs for the opening wicket to set the platform for SRH.

Klaasen (65 not out off 30 balls) then displayed his all-round hitting abilities to guide SRH home with the help of Nitish Kumar Reddy (21) and Salil Arora (30 not out off 10) in 18.4 overs.

Earlier, Rickelton's knock powered MI to 243 for five.

MI rode on a 93-run stand between Rickelton (123 not out off 55 balls) and Will Jacks (46 off 22) in 7.1 overs for the opening stand to power the side.

MI skipper Hardik Pandya scored a valuable 31 off 15 balls before being dismissed.

Praful Hinge (2/54), Eshan Malinga (1/29), Sakib Hasan (1/39) and Nitish Kumar Reddy (1/31) were the wicket-takers for SRH.

Brief Scores:

Mumbai Indian: 243 for 5 in 20 overs (Ryan Rickelton 123 not out; Praful Hinge 2/54).

Sunrisers Hyderabad: 249 for 4 in 18.4 overs (Travis Head 76, Heinrich Klaasen 65 not out; AM Ghazanfar 2/51).

All Stories

Huge turnout amidst SIR shadow caps ballistic battle for Bengal
Huge turnout amidst SIR shadow caps ballistic battle for Bengal

The West Bengal assembly polls ended on Wednesday with what the election watchdog said was the state's highest-ever voter turnout of 92.84 per cent, leading to mouth-watering anticipation ahead of the announcement of results on Monday as both contenders sounded sanguine about their victory prospects.
MP: 12 labourers killed, 20 injured as pick-up van overturns and crashes into SUV
MP: 12 labourers killed, 20 injured as pick-up van overturns and crashes into SUV

 Twelve labourers were killed and 20 others injured when the pick-up van carrying them overturned and collided with an SUV in Dhar district of Madhya Pradesh on Wednesday night, an official said.
President Donald Trump to feature on limited edition US passports
President Donald Trump to feature on limited edition US passports

The State Department is all set to unveil a limited-edition US passport with pictures of President Donald Trump and the Founding Fathers to commemorate the 250th anniversary of American independence in July.

Copyright © 2026. Vartha Bharati. All rights reserved