• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Attacks using binaries

Hello,

Since the last half of the year, many people are constantly attacking groups and chats in WhatsApp using binary messages (like 0.7.0.7.0.7.0.7.0.7.0.7... until more than 5000 characters), which causes the phone to get frozen or lag for hours making it unusable. This problem is only on Android, because iPhones don't have that issue and are not affected by that type of attack.

It's really annoying when a lot of stalkers are always harassing others by sending binaries on a group or by private message, or adding you to groups called "jails" where they send virus and binaries so when you want to use your phone, it's frozen.

And they use fake US accounts thanks to other Android apps (which generates you a fake phone number).

When is it going to be a solution for that? Does anybody has an actual solution to this?
 
I would think you'd need to take this up with WhatsApp, since they control their own platform.

I don't know, but I read that iPhone and Windows Phone don't have that problem because they have different built-up, language, OS or components, etc. while Android structure suffers trying to process and read this kind of information and they use Java language, so that's why I think this is an Android issue.


Could be an WhatsApp's bug.

WhatsApp has a lot of bugs, like treating the status (the snapchat thing that lasts for 24 hours) as if I were sending a message to all my friends, so since I have 6000+ contacts, everytime I want to update/upload my status it causes me a lot of lag; or whenever you delete a chat of a group that has 4000 to 10000+ messages, you also get tremendous lag that can last the whole day. But in this case, I think it's Android problem, since it doesn't happen on iOS.
 
Well it's definately a WhatsApp problem, it doesn't affect anyone who isn't using WhatsApp Messanger, and very likely only WhatsApp Inc. can fix it. Presumably this attack has been reported to them and they are aware of it, and so they're taking measures to rectify the situation, if they haven't already done so.

I think all they got to do is block the sending of binary messages of more than 5000 characters or whatever it is, which is not something typical WhatsApp Messenger users will be doing anyway. It sounds like a buffer overflow vulnerability in the Android version of WhatsApp.
 
Last edited:
I don't know, but I read that iPhone and Windows Phone don't have that problem because they have different built-up, language, OS or components, etc. while Android structure suffers trying to process and read this kind of information and they use Java language, so that's why I think this is an Android issue.

Don't believe everything you read ;)
If there is a problem, it'll be app specific, not O/S. And variable overflow can occur in any programming language, if you try and assign a big value to a data type which can't handle it.
 
read that iPhone and Windows Phone don't have that problem ... so that's why I think this is an Android issue.

A little faulty logic going on here.

Don't take these comments the wrong way. We understand that it's frustrating as well as a serious vulnerability in the app. There are over 2.5 million apps in the Google play store and most work just fine on the Android/Java platform. There are also apps that are buggy and poorly coded. Just look at similar apps like WeChat or Facebook (shudder) who don't exhibit the same problems. If it were a systemic OS bug, they ALL would have this problem.

I'm sure WhatsApp is aware of the issue and is probably working to resolve it, but you have to put the pressure on them. Android is not going to redesign Android to accommodate one app.
 
Thank you for your responses.

Yeah, I know that not everything one reads should be trusted, though those pieces of information I read from other Android specialized webs, technology and development webs and also some newspaper webs. But anyway.

Also, the "Notes" app in the Android phone (eg. Samsung Notes) always crashes if you try to open a note where you saved a binary message that was used to attack. So, after you save it, this file becomes unopenable. I saw a video of a person using the notes of iPhone and it didn't crash there.

When these people (usually belong to a "legion") attack a group, they say something like "haha, all dead, it seems everyone here uses Android". And the people who harass by private message is constantly using fake US numbers, so even if you block them, they come back again with other number the following day. It would've been great if they added a filter for unknown people.

And yes, if only they block the sending of binary messages that'd be useful, unfortunately there's more and more people doing it, there are even tutorials in YouTube of how to send binaries, cause lag and attack others and they have +10k views, and not only the stalkers use binaries but other types of messages full of weird characters, also they use .vcf files which is a contact with more than 90000 characters and icons, so when they share this contact, WhatsApp freezes and crashes, if you add the contact, the contact app of your phone also crashes everytime you try to open it.

If it's up to WhatsApp, then unfortunately it will never be a solution, as the developers are very neglectful and do nothing with the constant complaints and reports and this has been around for many months. All what they did this year was doing pointless updates with pointless features, such as sliding messages to reply which makes no difference from just holding the message to reply and it actually made the chat traffic slower than before; or deleting messages which is annoying and it's used by trolls for trolling; or now recently the stickers, which causes more lag and they directly appear in the chat like the voice notes, so it automatically fills your memory. These updates were useless.
 
Thank you for your responses.

Yeah, I know that not everything one reads should be trusted, though those pieces of information I read from other Android specialized webs, technology and development webs and also some newspaper webs. But anyway.

Also, the "Notes" app in the Android phone (eg. Samsung Notes) always crashes if you try to open a note where you saved a binary message that was used to attack. So, after you save it, this file becomes unopenable. I saw a video of a person using the notes of iPhone and it didn't crash there.

Well "notes" type apps from manufacturers are usually proprietary their respective manufacturers and phones, such as Samsung Notes, Apple Notes, Huawei Notes, etc. and may not be easy to transfer your notes content from one system to another. If the Samsung Notes app is buggy and crashes, that doesn't affect anyone else anyway, it only affects Samsung users. Also why would one be saving this "binary message" of which you speak anyway?

For my notes use I've used Microsoft OneNote for years, and that is very cross platform with syncing, for computers and all phones, and it's reliable on Android. There's also things like Evernote as well.

When these people (usually belong to a "legion") attack a group, they say something like "haha, all dead, it seems everyone here uses Android". And the people who harass by private message is constantly using fake US numbers, so even if you block them, they come back again with other number the following day. It would've been great if they added a filter for unknown people.

And yes, if only they block the sending of binary messages that'd be useful, unfortunately there's more and more people doing it, there are even tutorials in YouTube of how to send binaries, cause lag and attack others and they have +10k views, and not only the stalkers use binaries but other types of messages full of weird characters, also they use .vcf files which is a contact with more than 90000 characters and icons, so when they share this contact, WhatsApp freezes and crashes, if you add the contact, the contact app of your phone also crashes everytime you try to open it.

If it's up to WhatsApp, then unfortunately it will never be a solution, as the developers are very neglectful and do nothing with the constant complaints and reports and this has been around for many months.
All what they did this year was doing pointless updates with pointless features, such as sliding messages to reply which makes no difference from just holding the message to reply and it actually made the chat traffic slower than before; or deleting messages which is annoying and it's used by trolls for trolling; or now recently the stickers, which causes more lag and they directly appear in the chat like the voice notes, so it automatically fills your memory. These updates were useless.

It most certainly is WhatsApp's problem, nobody else can fix their broken shit. If WhatsApp Inc. are taking that attitude, that's grossly irresponsible IMO, and they may well be leaving themselves open to lawsuits or worse. Don't have to use WhatsApp anyway, I use WeChat much more.

Frankly I only have WhatsApp to call my dad sometimes. :)
 
Last edited:
those pieces of information I read from other Android specialized webs, technology and development webs and also some newspaper webs

Can you provide links to those resources?
You seem to be of the opinion that you've hit a general Android problem, just because you don't get the same behaviour on iPhone. Until I see what made you believe that, then I remain unconvinced.

Also, the "Notes" app in the Android phone (eg. Samsung Notes) always crashes if you try to open a note where you saved a binary message that was used to attack. So, after you save it, this file becomes unopenable. I saw a video of a person using the notes of iPhone and it didn't crash there.

You know that a native iPhone app and an Android app share absolutely zero code right? To start with, they're using completely different programming languages, and are probably written by different teams. So just because the iOS version works perfectly, doesn't mean that the Android version will too (or vice versa). My point is, the problem with the Android version could be caused by a coding error within the app. This behaviour doesn't imply some sort of general problem with the O/S. You're coming to false conclusions.

Again, post technical data sources to back this up, and I'll keep an open mind.
 
When these people (usually belong to a "legion") attack a group, they say something like "haha, all dead, it seems everyone here uses Android". And the people who harass by private message is constantly using fake US numbers, so even if you block them, they come back again with other number the following day. It would've been great if they added a filter for unknown people.

Unfortunately there are always people who will take an exploit to it's extreme, whether it's for nefarious purposes or just to be 'funny' (which usually translates into being an obnoxious brat). All we can do is bring it to the attention of those who can fix it, and then hope someone is listening.
 
And let's be clear, Apple have had such problems before with their own apps rather than 3rd party ones like WhatsApp. These things can happen with any development team.

The fact that WhatsApp haven't fixed their Android app (as said above, not a line of code in common with their iOS app) is an indictment of them. But frankly a lot of companies only care about fixing problems when they become a threat to their bottom line, which often means publicity is more effective than any feedback...
 
Back
Top Bottom