A security flaw in the Android operating system has allowed access to a series of user conversations and messages on the popular service WhatsApp.
The security issue seems to still exist, even though Android has issued an update for its operating system. The security vulnerability allows hackers to steal conversations from users of WhatsApp.
Naturally, users will not be very happy to find out that their conversations can be accessed at any time by cyber criminals.
Well, the flaw in this system was first traced by Bas Bosschert, the CTO of Doublethink company, who actually detailed the entire issue in a blog post. In his post, Bosschert showed how WhatsApp charts can be easily accessed, by anyone.
The newest update made to the app by Google came last week. However, Bosschert said that despite the update, the security flaw still exists. It seems that the reason why this occurs is actually linked to the fact that the database of the service is saved on the SD card. This means that any Android application might potentially access the card.
Bosschert said that a malicious app can easily access WhatsApp conversation database. “So, we can conclude that every application can read the Whatsapp database and it is also possible to read the chats from the encrypted databases. Facebook didn’t need to buy Whatsapp to read your chats,” he said. On his blog, Bosschert actually provides a full guide on what to do to hack WhatsApp.
At the time when WhatsApp was purchased by Facebook for the record sum of $19 billion, the founders of the app claimed that they will keep user data private. The popular messaging service has about 450 million users today.
The service has become well known for its interest in protecting user data. In fact, it has been claimed that WhatsApp deletes messages from the company’s servers immediately after being delivered, this giving no time to anyone to track users or access their conversations.
What users can do is to be very careful at the apps they download, verifying their source, as well as reading the fine print before download. The vulnerability traced now is limited to Android and its system of storing data.