Skip to main content
  1. Home
  2. Mobile
  3. News

Hackers may be able to access private WhatsApp conversations

By

whatsapp
WhatsApp
Private conversations beware! Despite end-to-end encryption now being commonplace in WhatApp conversations, German cryptographers have discovered a minor flaw in WhatsApp’s security that could lead to private conversations being gatecrashed by uninvited hackers, bypassing the usual chat admin invitations.

In their paper, More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema, presented to other enthusiasts at the Real World Crypto Symposium in Zurich, Switzerland, the team warned that WhatsApp has no security measures to stop invitations being spoofed from their own servers, leaving a hole that could leave millions of conversations at risk of being snooped on.

Recommended Videos

But it’s not all bad news. Essentially, the hacker would need to be in control of WhatsApp’s main chat servers — a fairly tall order — and only then would they be able to bypass the group’s administrator and insert users into any conversation. However, anyone who did manage to achieve this would then have near limitless power within the chat, being able to selectively block message visibility from accounts, and even block users from participating in the chat.

However, Facebook-owned WhatsApp doesn’t seem to be too worried about the potential hole in its security. A WhatsApp spokesperson (speaking to Wired) admitted that the flaw was real, but pointed out that there was no way that the added user could be hidden and receive messages from the group. WhatsApp has built-in security measures that stop hidden users from being able to participate in group chats, and anyone who wanted to snoop on a particular chat would find their cover quickly blown when the client announced their arrival to everyone in the chat, making it an inefficient way to spy on users. What’s more, disabling the flaw would likely break the “Group Invite Link” feature that many group chats enjoy — implying that the security issue likely stems from this particular feature.

However, Matthew Green of Johns Hopkins University called WhatsApp’s response “dumb,, likening it to leaving a bank’s vault open and relying on a single security camera to deter criminals. If any really sensitive information was stored in that group chat, then the hacker would have access to it, making WhatsApp’s lauded encryption useless.

WhatsApp has been in the news multiple times for reasons of security. After making all messages sent on its platform fully encrypted in 2016, the chat company has faced criticism from U.K. lawmakers, while action taken by Brazil was of a more serious nature.

Editors’ Recommendations

Topics
Mark Jansen
Mark Jansen
Contributor
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
iOS 18 may fix one of my biggest issues with the iPhone
The quick settings screen in iOS 17 on the Apple iPhone 15 Plus

Apple’s Worldwide Developer Conference (WWDC) 2024 is just a few days away, and it’s definitely going to be a big one. There’s been a lot of talk about Apple finally adding some AI smarts in iOS 18 and macOS 15 -- but AI won’t be the only new thing coming.

A new report from MacRumors suggests that Apple is overhauling the Control Center with a new design and more customization options in iOS 18. This isn’t the first time that we heard this rumor. However, it seems that multiple sources who are familiar with the matter, according to MacRumors, claim that Apple has tested a redesigned version of Control Center for iOS 18.

Read more
Apple just admitted defeat to Android phones
A Google Pixel 8 Pro in Porcelain (left) with an iPhone 15 Pro in Blue Titanium held in hand.

For years, Apple’s smartphones have held a decisive upper hand over Android devices in one crucial aspect: the longevity of the software support cycle. In a nutshell, as long as your phone keeps getting updates, it will run just about fine.

Brand assurances play a crucial role in buyer behavior, as long-term update support means your phone will not only get new tricks but also security flaws patched. Notably, Apple is not into the habit of quoting how many years it will offer software support for each device, but it has held the crown for a while.

Read more
Google’s Gemini AI app gets a wider release. Is your phone on the list?
Google Gemini app on Android.

More people can now use and enjoy the Google Gemini AI app on their smartphone, as the company has expanded the list of regions where the Android version of the app is available through the Google Play Store. Specifically, it has launched the Android app in the U.K. and Europe, opening the service up far beyond its start in the U.S., where it was released in February.

What’s more, Google says Gemini will soon be available to iPhone owners, as the AI chatbot will appear on iOS in the next few weeks. It won’t be a standalone app though, as Gemini will instead work through the official Google app that can be downloaded now through the Apple App Store.

Read more