New security bug in WhatsApp allows anyone to track user status
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
February 16, 2015
A new security bug discovered today in WhatsApp allows anyone to track a user’s status, regardless of their privacy settings.
The same security flaw also lifts data on profile pictures, privacy settings and status messages, again regardless of user's privacy settings.
Maikel Zweerink, a Dutch University student, has published a tool called WhatsSpy Public to illustrate the security risk.
Using WhatsSpy Public dumbs down the process of stalking a target through their use of the mobile messaging app, he says.
The proof-of-concept tool is intended to push WhatsApp into action rather than making life easier for would-be spies and stalkers, Zweerink added.
It should also be noted that would-be hackers wouldn’t need to be WhatsApp users themselves to perform mischief on users.
Explaining his decision to release such a tool, Zweerink said-- “WhatsSpy Public (not to be confused with WhatsSpy) is a web-oriented application that tracks every move of whoever you like to follow. This application has been setup as a proof of concept that WhatsApp is broken in terms of privacy” he added.
He then said “The privacy options are broken but you wouldn’t realize the impact it actually has.”
To be sure, WhatsApp is no stranger to the occasional privacy controversy. For example, one recently discovered security flaw allowed anybody to see a user’s profile photos even if they had set it to ‘Contacts Only’.
Security researcher Indrajeet Bhuyan also discovered related sync issues with WhatsApp’s recently introduced web interface.
We have contacted WhatsApp for comment but we have yet to hear back from them. We'll update you if and when we get more new information on this security issue.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!