News

Dangerous indexing: WhatsApp phones hit Google

Share

WhatsApp users’ personal data was in danger of leakage, said an IB researcher from India. According to him, the new “Click to Chat” function is to blame. The uses of which leads to the indexing of phone numbers of users on Google, and, as a result, to their appearance in the search results.

“Your WhatsApp phone number may be leaked to the Internet, and the authorities will not doubt it, do you?”. This is how the publication of cybersecurity researchers from Atul Jayaram in India began in a media forum.

According to Jarayama, he discovered an unpleasant loophole in a popular Messenger. Users from the United States, Britain, India. And almost all other countries in the world have suffered from it.

It turns out that the number of WhatsApp users can be found on the public domain network, and it is not even necessary to delve into the dark web-we are talking about Google search results.

The vulnerability is in the “click to chat” function, which allows you to have a conversation with WhatsApp users by scanning QR codes. Each account is assigned a unique code. Which is a link in the form of https://wa.me/ in the form of decryption. At the end of the link is the user’s phone number that is not hidden or encrypted.

For example, you can share this link on Twitter so that your friends can quickly chat with you. However, after posting the link once on the social network, Google and other search engines began to index it and display it as output. Moreover, deleting the link will no longer help if it reaches Google, then it will stay there.

Jayaram said he found about 300,000 phone numbers from WhatsApp in Google’s search results.

Given that attackers can take over these numbers. You need to be prepared to receive calls and messages from potential spammers or advertisers. According to the researchers who discovered the vulnerability. The most reliable solution is to delete the account and assign a new phone number.

Atul Jayaram believes that WhatsApp can avoid this problem by encrypting the user’s phone number instead of storing it as plain text.

In March this year, information security experts had accused the messenger of storing personal data in unencrypted form.

Then, the researcher’s request aimed to implement two-factor authentication. In which the device owner himself chose a six-digit PIN code to enhance security.

As discovered by IB experts, this PIN is stored in Messenger’s “sandbox” in an unencrypted form-this area is not accessible by default by other applications. Nonetheless, there are many exceptions when you can still enter the “sandbox” and find out the user password. Therefore, iPhones with jailbreak check functions are vulnerable to attack, and attackers must physically access them. In addition, if the owner has root permissions and can provide him with a wide range of super administrator functions, the PIN code can be found on the Android-based gadget.

Also Read:

Xiaomi Mi Band 5 Design & Feature & Launching & Charging works!

Sony PS5 comes with advanced feature on june 12 with official announcement

Apple iOS 14 added support for call recording function

Published by
Haseeb
Tags: apps

Recent Posts

New OnePlus 8T case leak shows quad-cam design

The wait of users is near to over because of a few days left for…

4 years ago

Playstation 5 UI Start Up Leaked | Xbox Series X Boot Time fast

A short video has surfaced with an alleged PlayStation 5 loading screen and a user…

4 years ago

New iPad Air 4 Benchmarks Leaks shows Performance and multi-core workloads.

It is not wrong to say that the first leak of the A14 bionic benchmark…

4 years ago

Europe demands to ban undeletable apps on smartphones

The EU is currently studying a proposal to reform digital markets and data sharing methods.…

4 years ago

Leaker reveals the alleged prices of the iPhone 12 series

Only a few weeks left for the official announcement of the iPhone 12. The source…

4 years ago

Rumor: Apple is planning four iPhone 13 models, two of them with 120 Hz ProMotion displays, the iPhone SE 3 will not follow until 2022

A well-known analyst has already shared a lot of information about the iPhone models that…

4 years ago