A security researcher has identified a flaw in the popular WhatsApp messaging platform on Android devices, which could allow attackers to launch privilege elevation and remote code execution (RCE) attacks on victims.
Exploiting the flaw—described in a Wednesday post on GitHub by a Singapore-based “technologist and an information security enthusiast” called Awakened – is a rather complicated affair. An attack involves a bad actor sending a malicious GIF file to a victim via “any channel,” whether it’s an email or in a direct message on WhatsApp.