WhatsApp may consider itself as the flagbearer of safety features, but the biggest loophole of the popular messaging app has been exposed and hackers can easily take undue advantage of this.
Reportedly, WhatsApp chats come with a security loophole that could be exploited by hackers or people with malicious intentions. This feature is related to backups after getting uploaded to the cloud which seems to be very susceptible to hacking, revealed a report.
Picture this, WhatsApp’s security functions in a way that it lets users backup chats to their devices (local backups) as well as to the cloud (Google Drive for Android, iCloud for iPhone). Even when the app provides end-to-end encryption for chats, the protection goes away as soon as you upload your chat backups to the cloud.
According to a report which quotes an expert, WhatsApp users are potentially facing a threat of getting exposed to hackers who can gain access to all their messages if it is uploaded on the cloud. Anyone who can get access to their Google account can see their texts as they will not be protected by end-to-end encryption in the cloud.
The best part is that WhatsApp knows of the prevailing issue and it is working tirelessly to encrypt chat backups locally before they are uploaded to the cloud. WABetaInfo, which first spotted this feature, revealed that WhatsApp users might have to use a passphrase to “unlock” their device backups, which will help keep attackers at bay. If users forget their passphrase, they might be able to enter a 64-digit recovery key to unlock the backup.
WhatsApp has launched a few features such as the ‘view once’ feature for text, photos, and video messages which will basically allow users to send and receive ephemeral messages that will not get stored on the device or backed up to the cloud. This means that there will be no risk for WhatsApp users and they can also use two-factor authentication for both WhatsApp and their Google account where the chat backups are stored.