WhatsApp is one of the most popular messaging apps in the world, with 2.2 billion people using it to share texts, images, or voice messages with their contacts. That’s why a tweet about unsolicited, background microphone usage has caused serious concern for some of the privacy-aware WhatsApp users:
The issue appears to be caused by a compatibility issue between the app and the latest version of Android, and WhatsApp has sent out a note stating that they are working on a fix for the issue, but it's unclear when that will be available.
To alleviate any concerns, we looked at the latest version of the WhatsApp messaging client for Android (2.23.10.13) so you don’t have to. Here’s what we learned:
Looking for mediarecorder.setaudiosource, as well as for the android.media.AudioRecord wrapper, we identified the code sections that could be used for audio recording.
Digging deeper, the .startRecording()
method reveals that it is called from two different classes (com.facebook.redex.RunnableRunnableShape22S0100000_20 and X.C61772ve
).
The second place the startRecording()
function is used is in voice notes, as shown below.
To conclude, the only way to trigger the microphone is by also showing the user the voice recording activity in progress. The false microphone access bug in WhatsApp is an issue that’s affecting some Android users, but it’s not a cause for panic.
Bugs happen with any app, and developers usually respond quickly with a fix. In the meantime, it’s always a good idea to keep your apps and phone software up to date. If you don’t already have one, you might also want to install a dedicated security solution to monitor the behavior of applications on your device.
Note: the technical analysis was made available courtesy of Bitdefender security researcher Răzvan Goșa.
tags
The meaning of Bitdefender’s mascot, the Dacian Draco, a symbol that depicts a mythical animal with a wolf’s head and a dragon’s body, is “to watch” and to “guard with a sharp eye.”
View all postsDecember 19, 2024
November 14, 2024