WhatsApp is one of the leading cross-platform messaging applications used by billions of users across the globe. While it has been at the centre of a debate over the last few months due to its dubious privacy policies, a new report highlights yet another security flaw.
According to a recent report from Traced, this new flaw in WhatsApp exposes the personal information of users and tracks users’ “online status” and monitors their activities. The report suggests that WhatsApp has become a hunting ground for stalkers who with the help of these vulnerabilities can even predict if you’re chatting with someone at a given time.
WhatsApp automatically updates your status to “Online” when a user comes online. This is visible to anyone who has the user’s contact number although the user might not have the number saved in the address book. These interlopers are reportedly using this flaw to monitor users’ activities.
Although WhatsApp’s privacy settings do allow users to hide their “Last Seen,” however, there is no way to hide a user’s current status from anyone. Last seen only hides the time when WhatsApp was used by the user last time but if a user is “Online” at any given time, there is no way to hide that.
Thankfully, the folks at Traced decided to carry out research to unearth multiple applications/websites that track user habits and would allow anyone to add multiple contact numbers to the list and keep a watch on their activities. Based on the contact’s simultaneous online presence, the stalker can easily determine how long both the accounts were online and how long they chatted.
What is horribly wrong here is that the users who are being “watched” will have no idea if they are being spied upon and the stalkers do not even need any sort of access to the target’s smartphone.
Apps available publicly
These applications or websites are created to take advantage of suspecting partners or parents who want to keep an eye on their child’s activities. And while such applications are available in the grey market, however, they need to be installed on the target’s mobile phone.
While this new hack works on predictability and requires the stalkers to enter all the possible numbers that they suspect their partner or child is talking to.
Another scary thing is that these applications are commonly available on app repositories like Play Stores and the developers of these applications tweak the description of these applications to disguise them as regular productivity tools. Additionally, since these are installed on the stalkers’ phone rather than the target’s smartphone, these applications can bypass Play Store’s policies.
A user who suspects that they are being tracked, unfortunately, there is not much that they can do to remain away from prying eyes. This is because the apps in question are using WhatsApp’s official features and there is a strong possibility that they might not even know the WhatsApp number that is being used to spy on them, hence it can’t be blocked as well.