How a WhatsApp call could have taken over your phone | Cyber Security
Cyber Security

How a WhatsApp call could have taken over your phone | Cyber Security

 

Related Posts

How AI, Machine Learning, and Endpoint Security Overlap

11 Useful Security Tips for Securing Your AWS Environment

Google just unsealed information about an apparently exploitable bug in that could have allowed a malevolent caller to take over your device.

Just answering a could have been enough to land you in trouble.

Project Zero researcher Natalie Silvanovich found a buffer overflow that could be triggered by data transmitted as part of the audio and video stream during a call.

WhatsApp, along with many other online calling apps, uses RTP, short for Real Time Protocol, for transmitting voice and video.

RTP was designed to be efficient – for example, it uses UDP instead of TCP, so that data arrives faster but less reliably. (UDP packets aren’t checked to see if they made it to the other end, and can arrive in a mixed-up order; TCP packets are verified and delivered in the order they were sent, which means more network overhead.)

If you lose some data packets from an app you are downloading, the entire download will be corrupted and useless; if you drop occasional voice packets, you’ll just have some inaudible moments in the call.

Unfortunately, RTP also squeezes its data into a binary packet format that needs careful unravelling at the other end to work out what sort of data was sent, how to deconstruct it, and how much data to expect.

You might also like

Google Launches Cybersecurity Career Certificate Program

ChatGPT Emerges as Key AI Tech for Security Vendors

Hackers Use HTML Smuggling To Distribute Malware by E-mail

5 safety tips to follow while making digital payment transactions

Leave A Reply

Your email address will not be published.