Skip to main content

Hackers may be able to access private WhatsApp conversations

Private conversations beware! Despite end-to-end encryption now being commonplace in WhatApp conversations, German cryptographers have discovered a minor flaw in WhatsApp’s security that could lead to private conversations being gatecrashed by uninvited hackers, bypassing the usual chat admin invitations.

In their paper, More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema, presented to other enthusiasts at the Real World Crypto Symposium in Zurich, Switzerland, the team warned that WhatsApp has no security measures to stop invitations being spoofed from their own servers, leaving a hole that could leave millions of conversations at risk of being snooped on.

But it’s not all bad news. Essentially, the hacker would need to be in control of WhatsApp’s main chat servers — a fairly tall order — and only then would they be able to bypass the group’s administrator and insert users into any conversation. However, anyone who did manage to achieve this would then have near limitless power within the chat, being able to selectively block message visibility from accounts, and even block users from participating in the chat.

However, Facebook-owned WhatsApp doesn’t seem to be too worried about the potential hole in its security. A WhatsApp spokesperson (speaking to Wired) admitted that the flaw was real, but pointed out that there was no way that the added user could be hidden and receive messages from the group. WhatsApp has built-in security measures that stop hidden users from being able to participate in group chats, and anyone who wanted to snoop on a particular chat would find their cover quickly blown when the client announced their arrival to everyone in the chat, making it an inefficient way to spy on users. What’s more, disabling the flaw would likely break the “Group Invite Link” feature that many group chats enjoy — implying that the security issue likely stems from this particular feature.

However, Matthew Green of Johns Hopkins University called WhatsApp’s response “dumb,, likening it to leaving a bank’s vault open and relying on a single security camera to deter criminals. If any really sensitive information was stored in that group chat, then the hacker would have access to it, making WhatsApp’s lauded encryption useless.

WhatsApp has been in the news multiple times for reasons of security. After making all messages sent on its platform fully encrypted in 2016, the chat company has faced criticism from U.K. lawmakers, while action taken by Brazil was of a more serious nature.

Editors' Recommendations

Mark Jansen
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
No, the Journal app on your iPhone isn’t spying on you
Apple Journal app on an iPhone 15 Pro.

If you've spent any time on Facebook, TikTok, or any other social media site over the last couple of days, there's a chance you've seen people claiming that your iPhone is spying on you — specifically, with a feature called "Journaling Suggestions."

One post I stumbled across on Facebook made it sound rather frightening, warning me that the feature shares my FULL NAME and EXACTLY where I'm located to anyone nearby. The post told me to go and toggle the setting off immediately because it was "Very scary stuff!!"

Read more
What is Wi-Fi calling, and how does it work?
Wi-Fi Calling

Network coverage has been steadily improving, but there are still many people around the world who can’t get a decent phone signal in their homes. There are gaps in many networks, particularly in rural areas, as a quick glance at Open Signal’s coverage maps reveals. Wi-Fi calling could be the answer.
What is Wi-Fi calling?
Wi-Fi calling allows you to seamlessly use any Wi-Fi connection to make or receive calls when your network signal is weak. If you’re at home and there’s a dead spot in the back bedroom, or the bars on your smartphone drop down to one when you go into the bathroom, then your phone can automatically switch to your home Wi-Fi network and use that to make and receive calls.

The beauty of Wi-Fi calling is that it should work seamlessly. Assuming your carrier supports it, you’ve activated the appropriate setting on your phone, and you’re connected to a Wi-Fi network, then it should kick in automatically whenever you need it. All the calls you make and messages you send through Wi-Fi calling appear as normal in your usual messages app and call logs.

Read more
The top 7 bestselling phones of 2023 were all … you guessed it
Close-up view of titanium frame on iPhone 15 Pro Max.

Seven of the top 10 bestselling handsets in 2023 were iPhones, according to data from research firm Counterpoint.

This marks the first time in Counterpoint’s tracking of such data that Apple’s handset has dominated the chart to this extent.

Read more