This is how you can crash your friend’s WhatApp just by sending smileys

Whatsapp your friend with a message containing nearly 4000 smileys and the friend will suffer with a crash everytime s/he opens the message.

Yes, you can crash your friends’ WhatsApp, both WhatsApp Web and mobile application, by sending them not any specially crafted messages, but just smileys.  Indrajeet Bhuyan, an independent researcher, has reported The Hacker News a new bug in WhatsApp that could allow anyone to remotely crash most popular messaging app just by sending nearly 4000 emojis to the target user, thereby affecting up to 1 Billion users.
Bhuyan is the same researcher who reported a very popular WhatsApp crash bug last year that required 2000 words (2kb in size) message in the special character set to remotely crash Whatsapp messenger app.

After this discovery, the company patched the bug by setting up the limits of characters in WhatsApp text messages, but unfortunately, it failed to set up limits for smileys send via WhatsApp.

“In WhatsApp Web, Whatsapp allows 65500-6600 characters, but after typing about 4200-4400 smiley browser starts to slow down,” Bhuyan wrote in his blog post. “But since the limit is not yet reached so WhatsApp allows to go on inserting…when it receives it overflows the buffer and it crashes.”

The recent bug tested on Android devices by multiple brands and caused the WhatsApp to crash. WhatsApp for Android devices including Marshmallow, Lollipop and Kitkat and
WhatsApp Web for Chrome, Opera and Firefox web browsers are affected by this bug.

There is a PoC video demonstration too and you can watch that here:

https://youtu.be/hEMD5y3WGt4

The best way to protect yourself is deletion of conversation when such message is received. If you become a victim of such message on WhatsApp, just open your messenger and delete the whole conversation with the sender.

However, remember, if you have kept some records of your chat with that particular friend, you’ll end up losing them all.

This trick will be famous and users will be vulnerable until a patch is released by the Facebook Inc.

LEAVE A REPLY

Please enter your comment!
Please enter your name here