Here's Why Whatsapp's Group Chats ain't Safe Anymore
News

Whatsapp's Private Group Chats Can Be Hacked Without Admin Permission

Whatsapp's server can’t protect its Group Chats

Whatsapp\'s Private Group Chats Can Be Hacked Without Admin Permission

Whatsapp emerged as one of the leading messenger apps in the world due to its end to end encryption feature that made it impossible for an outsider to secretly eavesdrop on your conversation. Thanks to that, the messaging app accumulated unwavering loyalty of more than 1 billion daily active users as announced by Whatsapp last July. A team of German cryptographers just discovered that ain’t true anymore as Whatsapp’s group chats could be infiltrated by potential “hackers” without admin’s approval.

The end-to-end encryption protocol served by the Facebook-owned company eliminated the three big players in security theft - malicious user, network attacker, and malicious server. The encryption security offered to the users made it impossible for any company including Whatsapp or any server that transmits the data to decrypt your messages or establish a centralized position to manipulate your data.

The tables have turned it seems, for Researchers from Ruhr-Universität Bochum (RUB) in Germany have found a shocking revelation stating, “Anyone who controls the app’s server could insert new people into private group chats without needing admin permission.” The report further explains that “Only an administrator of a Whatsapp group can invite new members, but Whatsapp doesn’t use any Authentication mechanism for the invitation that its own servers can’t spoof.” The absence of this authentication mechanisms allows the server to add a new member to a Whatsapp chat group without the permission of the group chat administration. According to the report, “The phone of every participant in the group then automatically shares secret keys with that new member, giving him or her full access to any future messages.”

Paul Rosler, one of the researchers explains, “The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them.” “He can cache all the messages and then decide which get sent to whom and which not,” Rosler added. The two-year-old end-to-end encryption has played a vital role in establishing Whatsapp’s credibility, however, with the latest flaw disclosed, the messaging app might expect a few controversies. 

Speaking of controversies, it wasn’t too long ago when Whatsapp was in trouble with Indonesian government for showcasing lewd GIF images. The country witnessed a lot of users exchanging information related to the pornographic content which led the Indonesian government to take the issue to Whatsapp. WhatsApp fired back stating that the company couldn’t monitor the GIF images due to its end-to-end encryption which is set to ensure that users and the individuals they are communicating with can only read the messages. The government even threatened to block the messaging app if the scenarios didn’t change. Whatsapp has become an integral part of digital communication. Despite having rival messaging apps like Signal, the Facebook-owned company has gathered unwavering loyalty. Naturally, if the company wants to maintain that, tighter security needs to be enforced. 
 

Tanya <span>Editor In Chief</span>
Written By
Tanya Editor In Chief

She is a content marketer and has more than five years of experience in IoT, blockchain, Web, and mobile development. In all these years, she closely followed the app development, and now she writes about the existing and the upcoming mobile app technologies. Her essence is more like a ballet dancer.

News

The Upcoming iOS 11 Launch To Kill 1,87,000 Apps In The App Store

4 min read  

Apple is all set to release its next iOS update and the upcoming change is sure to have an impact on nearly 1,87,000 applications. The upcoming update of iOS 11, ready to go live next month will cater to an increased efficiency. Tech experts have claimed that old school apps will have a major dishev

News

Instagram Adds Support For Third Party Android Apps Providing Two-Factor Authentication

2 min read  

Instagram, takes the users' security seriously for not repeating the mistakes of its parent company. The social media platform has been working on a new feature for months and now finally released it. Instagram now, supports the third-party authentication apps like Google Authenticator and Duo M

News

Curiscope: An AR And VR Content Startup Raised $1 Million

4 min read  

Curiscope, an UK startup which deals with the AR and VR products has raised $1 million seed fund provided by the LocalGlobe. The UK based investment firm has led the funding event and end up backing the mixed reality product manufacturer startup.{IRP}Founded in 2015, Curiscope has its headqu

News

Great Jones Street is Shutting Down: Read More About The Fictional App Here

4 min read  

Great Jones Street, the popular fictional app has recently become the victim of ever-increasing profit making demand that every publisher wants its app to fulfill. While a number of superb applications have kept dying an unusual death, another great application Great Jones Street is going to shut do