Languagesx
English Deutsch
Subscribe
Home WhatsApp’s Group Chats security flaw and what you need to know about it

WhatsApp’s Group Chats security flaw and what you need to know about it

WhatsApp is a popular messenger service that is used extensively over mobile platforms. Since 2014 WhatsApp has introduced something called ‘End to End Encryption’ in order to secure the platform, which made all conversations private. This also means that no third-party can read them, be it government, criminals or even WhatsApp itself. WhatsApp incidentally relies on the Signal protocol for its end-to-end encryption. However, the WhatsApp group chats might not be as secure as the company claims.

The Security Flaw

According to a report by a team of German Security researchers, these Group chats can actually be infiltrated. The team found a security flaw in the security protocol of group messages for WhatsApp. According to this team, anyone with the control/access to the WhatsApp servers can add people into private group chats and it can be done so without the permission of the group admins.
The researchers say that this issue is a bug in Whatsapp’s Authentication System. They point out that “WhatsApp doesn’t use any authentication mechanism” when a new member is added to the group and this is something its own servers can spoof as well. Someone with control of WhatsApp’s servers can add a new person to a group without the administrator’s knowledge.
 
whatsapp-FaceBook-1

WhatsApp Knows about this!

WhatsApp confirms that they know about this flaw, they say that every time a new member is added to the group, all the group members will get a notification about the addition. In a statement to Wired, the company said, “We’ve looked at this issue carefully…Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user.”
However the messages shared before the attacker enters the group cannot be read, it does give the person access to all messages which are shared after the malicious user has been added. The researchers say there are many risks in group chats where the hacker has control of the server, because they can then manipulate who gets what messages, delete messages and more. The security researchers have argued that security protocols on group chats will need to be enhanced in light of the vulnerabilities that have been pointed out by them.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags

Related News

Image showcasing the top AI voice generators as futuristic, sleek devices. A guide to the best AI voice generators
5 of the best AI voice generators
Suswati Basu
What is Suno AI? The music generator making waves. A vibrant digital collage featuring a large white circles representative of the Suno AI logo overlaid with black musical notes and staves, set against a bustling neon-lit cityscape and a backdrop of cybernetic and musical interfaces, representing the fusion of music and technology.
What is Suno AI? The music generator making waves
Suswati Basu
Apple opens App Store to game emulators amid EU pressure. An illustration of a hand holding an iPhone, with the screen showing the App Store icon. On the backdrop, there is a highlighted app icon for 'Retro Arcade Classics', a game emulator, surrounded by other app icons.
Apple opens App Store to game emulators amid EU pressure
Suswati Basu
Google may have fixed its Pixel scrolling issue. A smartphone displaying the Chrome logo with a graphic of a hand pointing to a downward arrow, symbolizing a scrolling action, on a vibrant Google-colored background.
Google may have fixed its Pixel scrolling issue
Suswati Basu
Proton Pass rolls out universal passkey support for users. A digital padlock symbolizing security is illuminated against a dark, network-connected backdrop, while a mobile device with a cheerful emoticon and a secure lock icon indicates passkey technology.
Proton Pass rolls out universal passkey support for users
Suswati Basu

Most Popular Tech Stories

Latest News

Life By You key art
Gaming

Life By You - Release date, trailers, platforms, and everything we know
Jacob Woodward9 mins

Developed by Paradox Tectonic, Life By You looks to take the life sim genre even further than before with an ambitious open-world experience. This, among other features, will allow you...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.