WhatsApp Easy to Hack

WhatsappWhatsApp is easy to hack, it has been claimed, by Bass Bosschert, a Dutch security expert from Holland. Bosschert decided to investigate if it was possible to read and upload WhatsApp chat from one  Android application to another. And the answer was a worrying “yes”, even after Google’s update of the App last week.

Boschertt, CTO of start-up Double-think, writes in his blog exactly how to go about hacking into other people’s WhatsApp. He explains that the WhatsApp database is saved on the SD card of an Android and that any Android application can access that information if the user allows them. And, he points out, because users tend to allow anything onto their Android device, this is not a problem. Boschert then goes on to outline how to go about the process, providing visual cues. Bosschert is clear to point out that the security issue is not the fault of WhatsApp, stating that it is a flaw in the Android’s data sandboxing system.

The claims that WhatsApp is easy to hack will not be welcomed by the millions of WhatsApp users worldwide. The company, which was founded in 2009, has around 400 million users a month, and for good reason. The app allows users to send messages, photos and videos for free, both nationally and internationally. Users can download it on their phones with ease and, the most appealing aspect of the app, it is free for the first year, with users paying a small fee after.  The idea that their chats can now be easily hacked into might make WhatsApp users consider paying more for another service with better security.

WhatsApp have issued a statement about the claims. The company acknowledged the news but said it was “overstated.”  They pointed out that under normal circumstances, SD card data is not exposed, however if users download malware or a virus then they might  be at risk. Whatsapp went on to say that its users should be careful to update software for their apps to help with security issues, and should only download software from trusted companies.

How Facebook feel about the latest claims is not yet known. The company recently paid $19 billion for WhatsApp. That buyout was not without its controversies. Many claimed the buyout threatened users privacy prompting WhatsApp to update the app. One update was allowing privacy options such removing the last seen function which allows other WhatsApp users to be able to see when someone last checked their messages. The irony of the privacy issue was not lost on Bosschert who said that with the latest revelations that other android users could hack into your WhatsApp and spy on you, Facebook did not really need to buy out the company in order to so themselves.

The news that WhatsApp is easy to hack will be the talking point of many in the technological world. Facebook and WhatsApp will have to act fast to keep the millions users switching to another service, or another service competing with it on the security front. More news such as the recent announcement that WhatsApp would allow users to make phonecalls for free on top of messaging might have to be released quicker than it takes to follow Bosschert’s step by step WhatsApp hacking demo and spy on what your competitors, family or friends are up to.

Commentary by Christian Deverille

Sources:
The Daily Mail
Bas Bosschert
The Inquirer