Scary WhatsApp flaw reveals when you go to sleep and who you are talking to


Hackers could expose a flaw in WhatsApp to reveal when you go to sleep and who you are talking to on the popular messaging app.

The flaw was discovered by security researcher Rob Heaton who claims the exploit only needs a couple of lines of Javascript code in order to execute.

Mr Heaton said that by using a Chrome extension he was able to log every time a contact was using WhatsApp and then correlate that data with other people.

Mr Heaton deduced that if two contacts popped up at the same time it was likely they were messaging one another.

While this might not be the biggest revelation, especially given that you can easily see for yourself the time when a contact last used WhatsApp, Mr Heaton said that if the technique for logging and correlating when a contact was online fell into the wrong hands, it could be used as an easy way to snoop on people.

“You’re dying to know whether your friends Lara and Tara are secretly dating,” Heaton wrote in a blog post.

“You can’t help but write multi-variate cross-correlation software that shows a striking alignment between their WhatsApp usage patterns.”

Explaining how this would work he said: “The plan is simple. Every 10 seconds, you check your target’s WhatsApp status, and note if they are online or not.”

Imagining a possible scenario of what the logged data could be used for Mr Heaton wrote:

“You start a company that runs a service that takes a phone number and returns WhatsApp usage for that number.

“You sell this information to health insurers and credit agencies, who are both very suspicious of people who are awake at 4am.”


Comments are closed.