Pinterest Stumbleupon Whatsapp
Advertisement

WhatsApp has gone from a newcomer on the messaging scene to the biggest name in the business, and with that increase in size has come a big jump in the number of people looking to take advantage of the app’s users. If you use WhatsApp, there are a lot of threats out there that you should know about – here are a few of the big ones.

Web Malware

Now that you can use WhatsApp via a web interface WhatsApp Web: Everything You Need To Know WhatsApp Web: Everything You Need To Know Along with supporting all mobile platforms, WhatsApp has now launched a web-based client, so you can finally use WhatsApp on your PC and sync with your phone. Read More , there are people out there distributing bad download links that look like real WhatsApp clients, but will saddle you with a bunch of malware. Kaspersky Labs found a number of these suspicious downloads in a variety of languages.

whatsapp-web

These sites collect information from downloaders and distribute malware. Kaspersky researchers found ones that add users to WhatsApp spam lists, some that come packaged with trojans, and some that distribute malware designed to get at banking information.

Fortunately, the solution to this problem is a simple one: make sure that you’re using the official URL. To use the web app, go to http://web.whatsapp.com/. You don’t need to download any apps or browser extensions – you only need to go to the correct page and sign in.

Crash Messages

A while ago, someone discovered that you could crash someone else’s instance of WhatsApp by sending a message over 7 MB in size. After receiving the message, WhatsApp will crash every time the user tries to open the thread, and the only way to regain control of the app is to delete the thread. It was recently discovered that the same thing could be done by sending a much smaller message – only 2 KB in size – that contains a set of special characters.

Advertisement

Even if a message is backed up, restoring the conversation doesn’t solve the problem; it’ll still crash the app. This exploit works not just with messages to individuals, but also to groups, in which case every member of the group will experience the crash and need to leave the group and delete the thread. This might not sound like a big deal if you only use WhatsApp to organize rides to the bar, but many people use the app for business as well, which means this vulnerability could be a huge pain.

As of yet, there’s no way fix or defend against this exploit. Your best hope is that Facebook and WhatsApp quickly fix the problem before more people find out about it. Fortunately, however, this doesn’t seem to happen on every platform; so far, it’s only been seen on Android.

Bypassing Privacy Settings

Maikel Zweerink recently discovered that WhatsApp, even with the increased security that has been put in place recently, isn’t nearly as safe as we think it is. He showed proof that a simple app called WhatsSpy Public can monitor status messages, status changes, and user photos, as well as adjust security settings, even if the app’s owner has set the privacy options Everything You Need To Know About Your WhatsApp Privacy Settings Everything You Need To Know About Your WhatsApp Privacy Settings Read More to “nobody” (you can see a small sample of the sort of information that the app can pull below).

panel-whatsspy-track

Zweerink was experimenting with WhatsApp to create a bot, and was shocked when he found out how it could be used to track other users despite their privacy settings. He also wrote a detailed blog about the problems he discovered that is certainly worth a read. This is a particularly worrying development, even for an app that’s had a lot of worrying security problems recently.

As far as we know, there’s no way to protect against this, and we’ll just have to wait for the WhatsApp developers to find a way to fix it.

Spying on Other Users

WhatsApp recently debuted end-to-end encryption, making it much more secure than it’s been in the past. Despite this, however, there are still a few ways that other people can listen in on your conversations. There’s a piece of spy software The Dangers of iPhone Spy Software & How To Detect It The Dangers of iPhone Spy Software & How To Detect It Considering spying on an iPhone? Think you've got a compromised device? Here's what you need to know. Read More called mSpy, for example, that sends reports on calls, browsing, text messages, WhatsApp conversations, and more, back to the owner of the app. All they have to do is get the app onto your phone which just takes a few minutes.

mspy-features

Paying close attention to the apps that are installed on your phone will help you catch spyware like mSpy, but MAC spoofing is a more insidious and harder-to-detect method of listening in on WhatsApp conversations. A phone’s MAC address What Is a MAC Address & Can It Be Used To Secure Your Home Network? [MakeUseOf Explains] What Is a MAC Address & Can It Be Used To Secure Your Home Network? [MakeUseOf Explains] Network structure and management have their own lingo. Some of the terms thrown around will likely already sound familiar to you. Ethernet and Wi-Fi are largely self-obvious concepts, although it may require a little bit... Read More is a unique identifier, and WhatsApp uses this address to route messages. By temporarily assigning someone else’s MAC address to your phone, you can intercept their WhatsApp messages (though they also get sent the intended recipient).

The best way to make sure that your messages aren’t being intercepted in this way is to not give anyone who you don’t trust access to your phone. It doesn’t take long to get the MAC address for a phone, and once you have it, it’s easy to spoof it from another phone. Detecting and preventing MAC spoofing isn’t easy, so not giving anyone the chance to do it in the first place is your best bet.

Should You Get Rid of WhatsApp?

WhatsApp is a great messenger app, but between Facebook’s ownership of it and the ever-increasing number of security worries, it’s looking like it might be a safer idea to use a more secure messaging app Forget WhatsApp: 6 Secure Communication Apps You've Probably Never Heard Of Forget WhatsApp: 6 Secure Communication Apps You've Probably Never Heard Of The Electronic Frontier Foundation (EFF) is a lobby group dedicated to "defending civil liberties in the digital world". They maintain the Secure Messaging Scorecard, which makes for worrying reading for fans of instant messaging. Read More , like Telegram, a very popular alternative Telegram Provides A Secure & Fast-Growing Alternative To WhatsApp Telegram Provides A Secure & Fast-Growing Alternative To WhatsApp Read More . While most users won’t find that they get taken advantage of because they’re using WhatsApp, the worry will always be there. And now that WhatsApp has been identified as a high-priority target for hackers, it might not be worth the risk.

Do you still use WhatsApp? Are you worried about the security vulnerabilities that have shown up over the past few years? Share your thoughts below!

Leave a Reply

Your email address will not be published. Required fields are marked *