WhatsApp Vulnerability – Although WhatsApp uses end-to-end encryption, it is possible to read data from strangers. A hacker has discovered a vulnerability and has published a corresponding script with guidance in his blog. Allegedly, this gap is classified as safe by Facebook.
WhatsApp with weakness
Not all data listed in WhatsApp is secret. For example, the user’s own hand number, his own profile, the status line and the on-line status of stored contacts can be seen. If a phone number is stored in the phone book, the contact can access it. However, such information is not necessarily secret.
However, it is different if such data can also be tapped from afar. The hacker Loran Kloeze from the Netherlands and at the same time also security experts, has published a script in his own blog, which shows how everyone can take hundreds of profiles within a few seconds and also verify telephone numbers.
Any phone numbers visible
WhatsApp Web allows the use of the messenger on the PC. Data is transferred to the server via a connected smartphone. The browser then gives the server the command to announce information about a specific phone number. Data such as profile, status or status messages (online or offline) may only be sent to known persons or contacts. In a blog entry, Loran Kloeze describes how it is possible to automate the WhatsApp web function to check which phone numbers are known and active at WhatsApp.
According to Kloeze works with any numbers and also massively with many numbers at once. The fact that it is possible to check massively which telephone numbers are given and whether they are actively used, also opens the door to cybercriminals. The hacker should have questioned at Facebook. Apparently, the technical gap is known to the Group, but is probably not classified as dangerous. To prevent the readout, Facebook points to the WhatsApp privacy settings. There, the user can set which data should be available to which contacts. Provided that WhatsApp users personalize their privacy settings accordingly, or is aware of this feature at all.
Heinz-Peter Ollie Hildebrand