This WhatsApp flaw lets hackers, stalkers "monitor" your activities!
Over 1.2-billion people use WhatsApp everyday around the world; however, it turns out the popular messenger can also be used by stalkers and hackers to spy on people.
Despite claims of privacy protection and end-to-end encryption, WhatsApp suffers from a flaw in the harmless "status-tracking" feature (last seen/online status).
Anyone with a little technical knowledge can monitor users' activities, including sleeping patterns.
Privacy breach flaw discovered in WhatsApp
Flaw allows users to be snooped on
Information collected using the status-tracking trick can also be used by stalkers to correlate two or more users communicating with each other.
Heaton found other similar security-related vulnerabilities even in the past.
WhatsApp seems to encourage openness in other ways: Heaton
Heaton stated: "The default for all of the privacy settings is to share everything with everyone, and few people think to tinker with them." However, he noted that "only users who display their own "last seen" are allowed to see the "last seen" of others."
Love Tech news?
Stay updated with the latest happenings.
Can determine WhatsApp users' app usage patterns quite accurately: Heaton
On his website, Rob Heaton said that anyone could track users by their "last seen" and "online status"; hackers can check people's activity anytime.
Forget exceptionally skilled hackers, even regular people can keep an eye on the users' activity because of this vulnerability in the app.
However, the flaw doesn't let hackers know the contents of WhatsApp messages as they are end-to-end encrypted.
More and more services require your phone number nowadays
Anyone with your cell phone number -provided for whatever reason- can save it on their device. If the number is linked to your WhatsApp, they can easily monitor how often you stay online and what time you go to sleep or wake up, revealed Heaton.
There's nothing users can do to stop stalkers
However, unfortunately, WhatsApp users can do nothing to stop attackers from monitoring their activity. WhatsApp has not stated it is going to fix the issue.
They can only disable their "last seen" status completely, or display it only to their contacts, but "online" status cannot be disabled.
User data can be collected on a mass level and then sold to third-parties for advertising purposes.
No way to defend against monitoring: Heaton
Heaton pointed out WhatsApp users can hide "last seen" but not "online" status. Hackers can update their tools to monitor whether people are "online" rather than relying on "last seen". He added there is "no way at all" for users to defend against such monitoring.