Blocking ads removes funding from us!
Researching and writing articles takes a lot of time. Operating our infrastructure costs money.
All of this is funded with advertising revenue.
We don't like advertising either - that's why we avoid annoying banners and pop-ups.
Please give us a chance and deactivate your adblocker!
Alternatively, you can support us here voluntarily.

Follow us:


Vulnerability discovered in WhatsApp Web: all users affected

Facebook-WhatsApp
Image: APA / EPA / Patrick Pleul
(Post picture: © 2016 APA / EPA / Patrick Pleul)

Security researchers have found a new vulnerability in the WhatsApp Web API. It is thus possible for hackers to access third-party user data. And unlimited.

Security researcher Loran Kloeze has uncovered a critical loophole in WhatsApp's web interface. This enables hackers to query unlimited telephone numbers in the database. He also has the gap here in one Blog post recorded.

Creation of infinite user databases possible

Kloeze has developed an extra script for this experiment, which runs through several numbers. If there is a hit, the associated phone number, info and Profilbild of the user is displayed. In this case, the IT expert defines a filter of phone numbers, which the script searches through. This is done solely by using the WhatsApp developer API. This means you could record a user's online times for months without them noticing.

This is the script, the vulnerability in WhatsApp Web. This can be used to read out third-party user data. (Image: Loran Kloetze/ Blog)

As a spokesman told Motherboard, the Proproblem already worked. Abuse will also be monitored behind the scenes and unusual queries will be blocked. If you don't want to be tapped, you can hide all data in WhatsApp's data protection settings. For each point, the setting must be set to "My contacts". The hacker could then theoretically only access data from his contacts.

Recommendations for you

>> The best Amazon deals <

David Wurm

Do that TechnikNews-Ding together with a great team for several years. Works in the background on the server infrastructure and is also responsible for everything editorial. Is fascinated by current technology and likes to blog about everything digital. In his free time, he can often be found developing websites, taking photos or making radio.

David has already written 960 articles and left 382 comments.

Development | Facebook | Twitter | Insta | YouTube | PayPal coffee donation
notification settings
notifications about
guest
Your name, which will be shown publicly.
We will not publish your email address.

0 Comments
Inline feedback
View all comments
Cookie Consent with Real Cookie Banner