WhatsApp exploit found, allows snooping private group chats

Matti Vähäkainu
12 Jan 2018 12:53

WhatsApp became quickly the world's largest instant messaging platform, and for a good reason. The company has offered early on such important features as end-to-end encryption.
Security features are near and dear to WhatsApp's heart, but that doesn't mean that it doesn't have any problems. Facebook owned messaging platform has been hacked by a group of researchers that say they've found a way to join seemingly private conversations, Wired reports.

The researchers from Ruhr University Bochum in Germany showcased their finding at the Real World Crypto security conference held in Switzerland. At the Zurich conference, German cryptography researchers explained how a person breaching into WhatsApp servers could add new members to group chats without the administrators approval as is the case normally.
The chat room members, however, see this new member as approved by the administrator, and he can see the encrypted conversations between all group members. According to the researchers this will not allow the newly, and fraudulently, added member to see previously sent messages.

Fortunately the exploit does require access to WhatsApp servers, which isn't exactly the easiest task. One could also expect more harm from access to WhatsApp's servers than snooping local crochet club's trending patterns.

As long as WhatsApp keeps their servers secure, stops their employees from snooping, and doesn't allow any government intervention, we should be fine and dandy. However, if you are still worried, the researchers suggest switching to Signal.

More from us
Tags
security breach hacking Hackers Signal WhatsApp
We use cookies to improve our service.