Recently security researchers have revealed a security flaw in WhatsApp which can permit anyone to gain access to private group chats.
We all know that WhatsApp provides end-to-end encryption for its users and with type of encryption, not even employees at WhatsApp can open any file or message in any WhatsApp account.
However, according to Experts, the recent flaw in WhatsApp allows a backdoor to people including staff, hackers, and governments who lawfully order for access to spy on anyone’s conversation.
The news is shocking as despite the fact that WhatsApp has end-to-end encryption, now anyone who controls WhatsApp’s servers can insert people into WhatsApp groups without getting the permission of the chat group’s admin.
A team of researchers from Ruhr University Bochum in Germany presented this study in Zurich, Switzerland at the Real World Crypto security conference.
According to the grapevine Facebook is aware of the bug as in reply to the study, Alex Stamos, the company’s Chief Security Officer took to Twitter to present an clarification:
“On WhatsApp, existing members of a group are notified when new people are added. WhatsApp is built so group messages cannot be send to hidden users and provides multiple ways for users to confirm who receives a message prior to it being sent.”
In another tweet he said,
“WhatsApp has looked at the report carefully – following the researcher’s plan would necessitate a change to the way WhatsApp provides a popular feature called group invite links – which are used millions of times per day.”
It is important to mention here, apart from all end to end encryption in Whatsapp, CIA can bypass its encryption. If anyone of you thinks how? Then the answer is simple as they don’t need to crack the encryption if they can obtain the information before it is encrypted.
They have such tools which can hack into the OS of a smartphone and can use unencrypted original data.