New 0-Click WhatsApp Account Takeover Attack Targeting iOS 16 Users
Why This Matters Now: In December 2023, a new 0-click attack targeting iOS 16 users was discovered, allowing hackers to take over WhatsApp accounts without any interaction from the victim. This became urgent because it exploits a critical vulnerability in the app’s handling of media files, making millions of users vulnerable to unauthorized access. As of January 2024, no patch has been released, leaving users exposed. 🚨 Breaking: Over 100 million WhatsApp users on iOS 16 are at risk of account takeover due to a new 0-click vulnerability. 100M+Users Affected 0-ClickAttack Type Understanding the Vulnerability The vulnerability lies in the way WhatsApp handles media files sent via the app. Specifically, the attack involves sending a malicious media file that triggers a buffer overflow in the app’s image processing library. This overflow allows attackers to execute arbitrary code on the victim’s device, gaining full control over the WhatsApp account. ...