Reflection – Crafted emoji cause WeChat application (for Android) service crash.

Preface: When mobile computing born, cyber attack (botnet attack) and data leakage rapidly growth. Do you think this is the destiny.

Observation: A proof of concept shown that a technical limitation occurs on TenCent WeChat 7.0.4 (android version). When a stranger send a craft emoji to WeChat user. The WeChat application will be crashed once open the emoji file. The security expert found the following reason:

vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service

Refer to attached diagram, the 1st phase of attack should get the IMEI. Perhaps the specify attack has per-requisite. So it let the people feeling that it is only an idea and therefore may not pay attention in high pioritty. But it is an alert signal to WeChat users. Why? Wechat’s plug-ins are encapsulated in jar files and so files in the / assets / preload directory (see attached diagram). Security expert found technical limitation on vcodec2_hls_filter in libvoipCodec_v7a.so. From technical point of view , attacker can be develop attack technique ride on this issue. Stay tuned.

End.