WatsApp Security Flaw Makes Group Chat NOT SAFE
A team of German encoders discovered faults in the Wats App group chats regardless of end-to-end encryption, which creates possibility to sneak in private group chats without administrator permission. Wired.com has reported that on Wednesday, cryptographers of the University of Rohr Bochum in Germany stated this at the “Real World Crypto Security Conference in Zurich, Switzerland.
The report said, “Anyone who controls the app’s servers could insert new people into private group chats without needing admin permission,” It further said, “The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them,” It was stated by a researcher of Ruhr University. He also highlighted that attack on group chat by watsapp is possible due to a bug.
The report further said, “Only an administrator of a WhatsApp group can invite new members, but WhatsApp doesn’t use any authentication mechanism for that invitation that its own servers can’t spoof,” Thus the server conveniently add a new user in a group with no prior interaction with the admin.
You may also like 12 WatsApp Features you Surely Won’t Know About
The report further said, “The phone of every participant in the group then automatically shares secret keys with that new member, giving him or her full access to any future messages,”. Currently WatsApp has 1.2 billion active users on monthly bases. The app is available in over 50 languages and 10 Indian languages.
Two years back, end-to-end encryption was added to every conversation. Researchers said that attacker once get control of WatsApp server, automatically get access to the conversation. He can also use the server to block selective messages in the group. Rosler said, “He can cache all the message and then decide which get sent to whom and which not,”
Wired.com findings were confirmed by the WatsApp spokesperson, he said, “no one can secretly add a new member to a group and a notification does go through that a new, unknown member has joined the group”. We’ve looked at this issue carefully,”
Apparently, WatsApp may give the group admin more power to control messages, images, videos, GIFs, etc as per his choice.