Whatsapp is the most widely used messaging app across the nation worldwide. It has a fanbase of over 1 billion. WhatsApp chats are more than just simple texts. We all know it. We share photos, videos, bank account details, contacts, and whatnot on WhatsApp. And with so much personal data, if you take the privacy and security of WhatsApp for granted then its a jackpot for wicked minds.
The biggest risk with 3rd party applications is, if hackers can alter WhatsApp’s APK to hide your last seen, they can also add code to record your chats and send them to their own servers.
A general user will never come to know what code has been added in a 3rd party application and as these apps are not uploaded on official app stores, no malware analysis is done on them, opening up the users to extreme risks.
On the issue of possible misuse or hacking through third-party keyboard apps, WhatsApp engineers said that if a user has installed a keyboard app, which could potentially be vulnerable to hacking, WhatsApp cannot do much to protect the data. They further stressed that users’ messages are encrypted in transit. That’s why it’s very important to use trusted applications.
On the other hand, the CIA is capable of bypassing the encryption on a number of popular messaging apps including WhatsApp, according to newly released WikiLeaks documents.
The whistle-blowing organization has just published 8,761 files, which Julian Assange claims account for “the entire hacking capacity of the CIA”.
The enormous release is the first of several comprising the ‘Vault 7’ collection. A WikiLeaks release claims that the CIA uses malware and hacking tools to remotely hack smartphones and turn TVs into covert microphones.
In Germany, the police are developing software that can hack into people’s smartphones and read encrypted messages. They are working on a new version of Remote Communication Interception Software(RCIS). RCIS is used for introspecting electronic devices.
The new version of RCIS is designed to hack smartphones and tablets with Android, iOS, and Blackberry operating systems.
The device can hack the messages directly from the source that is the user’s screens. It is targeted at messaging services like Whatsapp or telegram making it a probable “surveillance” software in the hands of a government. The software is expected to come by the end of the year.
Does WhatsApp track your data?
WhatsApp revealed that 3.1 billion images, 700 million GIFs, and 610 million videos were sent on New Year’s Eve. That makes us wonder how does WhatsApp knows?
While WhatsApp claims it does not read the content of your messages, it does know whether your image is an image or a text. As you may already know WhatsApp periodically publishes reports on how many images or voice calls were sent on its platform.
Is your backup data secured?
WhatsApp points out that the users are primarily responsible for their privacy when they choose to back up their data on iCloud or Google Drive. Backed-up data are encrypted in transit including on iOS or Android, but it’s not end-to-end, Basically, users have ownership of their messages. When you perform a backup of your messages to third-party services, the data is not then on WhatsApp servers.
What Measures Should I take to Protect Myself From Hacking?
- Don’t connect to public Wifi networks as hackers can use them to snoop into you communications
- Don’t scan untrusted QR codes as a hacker can use them to gain access to your WhatsApp account via WhatsApp web
- Don’t leave your phone unattended & unlocked.
- Lock your device with Patterns/Passwords/PINs/Biometrics. Don’t give your unlocked phone to untrusted people
- Enable the inbuilt 2 step verification provided by WhatsApp
- Enable the “Show security Notifications” option in the Account->Security menu in WhatsApp and when you get a notification that a contact of yours has had his/her encryption code changed, be cautious as someone could have hijacked their account. In such a case call them and confirm manually whether they have changed their mobile phone.
- Regularly backup your chats on the cloud instead of storing them locally
- Make sure your application is always up to date
- If you see that WhatsApp web is activated in you notifications but you are not using it, disconnect the device immediately from the WhatsApp menu
Last but not least, use the same common sense you would with any form of digital communication. Don’t send personal information if you can possibly avoid it – addresses, phone numbers, email addresses – and never send your bank, social security, credit card details, or your passport or other identification details.