COVID-19 Update

Popular Encrypted Messaging App WhatsApp Has A History of Security Flaws

If your business uses WhatsApp to communicate with team members or customers, you should at least be aware of the app’s history of security flaws.

Leave a Comment

If your company uses WhatsApp to communicate among its team or with customers, you might want to evaluate your other options as the popular end-to-end encrypted messaging service has endured some security issues this year.

Most recently is a vulnerability that could allow a hacker to deliver a malicious message to a group chat that would crash the app for all members of the group. Users would be forced to uninstall and reinstall the app and delete the group message that was targeted, according to cybersecurity provider Check Point, which discovered the latest vulnerability.

That could have serious consequences for a business using it to communicate with employees or its customers. This also has implications for U.S. national security, as some White House staffers have reportedly used the app to communicate.

Check Point disclosed its findings to WhatsApp in August, and the Facebook-owned company has since patched the issue, but users still need to update to the latest version of the app.

A history of security flaws

According to Forbes, this is hardly the app’s only security issue.

In May, WhatsApp revealed that a major cybersecurity breach enabled targeted spyware to be installed on phones through voice calls thanks to a malicious code from Israeli technology firm NSO Group Technologies.

Other security flaws found this fall included the ability to use a GIF to access a user’s content and a “stack-based buffer overflow” that could be trigged by sending an MP4 file to a WhatsApp user that could compromise the system and allow malware to be implanted on the device to eavesdrop or control it remotely.

Now, government officials are working with Facebook to come up with a solution that would give law enforcement a backdoor into WhatsApp communications to help fight terrorism and other crimes.

Read Next: 4 Steps for Creating a Cyber Security Strategy for AV Clients

WhatsApp became popular because of its encryption, security and privacy, especially in the 21st century as when normal business functions like email and payment solutions are increasingly the target of cyberattacks.

The company does offer an enterprise-focused version of the app that it released in 2018 and made available on iOS this fall, WhatsApp Business, but Facebook confirmed that some versions of the business app were affected by the Israeli hack and GIF hack.

It’s important to note that the company has since fixed the issues, but they seem to keep popping up.