A bug was found in Facebook Messenger. It allows you to eavesdrop on people

Facebook fixed a bug in the Messenger app for Android that allowed a remote attacker to call anyone

users and listen to them even before they answer the call. This bug was discovered by researcher Natalia Silvanovich from the Google Project Zero team.

The vulnerability could give an attacker who entered theapplication, the ability to simultaneously call and send a special message to the target. This provoked a scenario in which the caller will gain access to the microphone until the subscription answers or until the call timed out.

Facebook security manager Dan Gurfinkel noted that they've already fixed the bug. However, they have no data on how many hackers took advantage of the vulnerability.

In Russia, messengers have become the most popular applications

According to Silvanovic's technical record,the flaw lay in WebRTC's Session Description Protocol (SDP), which defines a standardized format for exchanging streaming media between two endpoints. It allows an attacker to send a special type of message known as "SdpUpdate", which will trigger a connection to the caller's device before he answers the call.

This vulnerability has been compared to a bug thatfound in Apple's FaceTime group chats last year. It allowed users to initiate a FaceTime video call and eavesdrop on their interlocutors. The company noted that they have fixed this error.

Read also

A meteorite fell on an Indonesian house. Its owner became a millionaire

Neurons in the human brain and the network of galaxies are similar

Due to plate movement, the Pacific Ocean floor is now deep under China