One of the features that WhatsApp added to its messenger service a couple of years ago is end-to-end encryption of messages. This means that messages cannot be read while in transit from one user to the other, thus making WhatsApp a relatively secure place to hold your chats on.

Advertising

However according to a recent report from WIRED, a flaw in WhatsApp has been discovered that could potentially allow strangers to add themselves (or other people) into private group chats. This discovery was presented at the Real World Crypto security conference in Zurich, where a team of German cryptographers shared their findings.

While this does sound rather scary, it should be noted that this can only happen if someone somehow manages to gain control of WhatsApp’s servers, and presumably WhatsApp has security measures in place to prevent that from happening. WhatsApp has since confirmed this flaw, but they also told WIRED that no one can secretly add group members without the knowledge of the other members in the group.

They add, “Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user. The privacy and security of our users is incredibly important to WhatsApp. It’s why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted.”

The researchers also claim that they notified WhatsApp of the flaw, but were told that the group invitation bug was merely a “theoretical” problem, and thus did not qualify for Facebook’s bug bounty program.

Filed in Cellphones. Read more about Apps, Security and Whatsapp.

Related Articles on Ubergizmo