Jeff Bezos, Amazon CEO, got his phone hacked and embarrassing text messages stolen off it from a vulnerability in the video parsing library in WhatsApp in a message sent to him by Saudi Crown Prince Mohammed bin Salman in 2018. So Amazon as a company is now very sensitive to what applications are installed on staff devices and how data on those devices can be extracted from vulnerabilities in other installed apps. This may be an outcome of that.

https://www.businessinsider.com/jeff-bezos-phone-hacked-saud...

Does anyone have any technical detail of that story. It is hard to imagine how a bug in the image parse library can be utilise to steal text message.

shp0ngle

oh bugs in the parsing libraries are the things MOSTLY used for attacks like this.

Parsing is hard, and parsers are buggy and lead to all kind of unsafe C code

voxic11

Exactly, parsers are complicated, generally involve a lot of manipulation of memory buffers, and for performance reasons are usually written in a language without memory safety (though this is starting to change with languages like px-1">https://github.com/p-org/P and rust).