Alert! WhatsApp status flaw allows stalkers to track users online
The vulnerability comes through the app’s default online status feature.
A security flaw in WhatsApp could potentially allow third parties to cyberstalk users using the app’s default online status feature.
According to NDTV, cybersecurity firm Traced has discovered several iPhone and Android apps, as well as some web services, that can tell cyberstalkers when a user is active on WhatsApp. These services can be used by third parties to monitor users’ status even without their consent.
“You can enter any mobile phone number, and if that person uses WhatsApp, the status tracker will provide the exact date and time that person opened WhatsApp,” the company explained in a blog post.
Traced revealed that though these apps are usually marketed as a way for users to know when their contacts come online, it is routinely misused by cybercriminals.
Unlike other features, WhatsApp doesn’t offer a way to disable the feature that automatically shows if a user is online, leaving it open to exploitation by cyberstalkers.
Some WhatsApp online status trackers are also found to allow users to enter the phone numbers of two individuals. This helps to presume whether both users are chatting with each other on the app at a particular time.
“We provide a setting to allow people to choose who can view the time a user was ‘last seen' within WhatsApp. To help prevent abuse, we regularly work with app stores to seek the removal of apps that attempt to violate our terms of service,” a WhatsApp spokesperson said of the issue.
“We have banned the WhatsApp accounts associated with such websites, requested Google remove such apps from the Play Store, and also take legal action, as appropriate.“
“Automating WhatsApp's features to scrape information is a violation of our terms of service and we will continue to take action to protect the privacy of our users and help prevent abuse.”
WhatsApp had previously come under fire earlier this week after it was revealed that a security flaw allowed attackers to remotely suspend users’ accounts.
The tech entrepreneurs have each channelled some of their vast... READ MORE
Business? Entertainment? An all-around laptop from an all-familiar... READ MORE
AREA 2071, an innovation ecosystem that attracts the brightest minds... READ MORE
Going behind the scenes and discovering the gargantuan amount of data ... READ MORE
Know what the law says about these visa processes. READ MORE
UAE law: Can you be compelled to work during the official days off? READ MORE
12 tonnes of multi-purpose tents have been dispatched to India as... READ MORE
Injured undergoing treatment in a hospital READ MORE