A security researcher has uncovered a serious flaw in Facebook-owned WhatsApp messaging app. This loophole exists in both the desktop and mobile apps. He found that by sending about 4,000 smileys to a target, the WhatApp app starts to slow down and ultimately crashes.
How WhatsApp smiley bug works?
In the WhatsApp Web app, you are allowed to send a message with about 6,500-6,600 characters. But, after typing about 4,000-4,200 smileys, the browser/app starts to slow down. As you type more and more smiley faces, WhatsApp crashes when you type and send.
“….so it crashes while we type and send and in mobile too when it receives it overflows the buffer and it crashes,” Bhuyan explains.
This WhatsApp smiley bug affects Firefox, Opera, and Chrome PC browsers, along with iPhone and multiple versions of Android OS.
Video demonstration of WhatsApp smiley bug:
Here’s the video demonstration of the bug showing how the attack crashes WhatsApp:
Here’s how to protect yourself from WhatsApp smiley flaw?
Bhuyan has reported the smiley bug to WhatsApp. “This can also be used to do a Denial of service in the browser and it freezes the browser and gives a ‘not responding’ error,” he adds.
Till the issue is fixed, here’s a simple way to save yourself from the attack.
Once you receive this full-of-tons-of-smiley message from someone, you’ll have to open the messenger and delete the entire chat with the attacker.
Have something to add to this WhatsApp bug story? Tell us in the comments below.