WhatsApp Fiasco: Flaw in Messaging Service Allows Hackers to Exploit Chat

Security experts have uncovered a flaw in WhatsApp’s encryption that allows hackers to read people’s private group chats.
Sputnik

A team of crytopgraphers from Germany’s Ruhr University Bochum claim that anyone who controls WhatsApp’s servers can secretly add members to group chats, without people knowing it.

“The WhatsApp server can therefore use the fact that it can stealthily reorder and drop messages in the group. Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members,” the team wrote in a published paper, Gizmodo reports.

Although only admins can add new members to private groups, anyone can trick the authentication process, essentially permitting themselves to spy on private conversations. 

According to the publication, this error can be used by hackers who manage to gain access to WhatsApp servers, or a government who may pressure WhatsApp to give it access to targeted group chats.


Discuss