Here we are, in the middle of the summer, with a security alert for WhatsApp users. Just a few days ago, we reported the claims of a security expert, who has stated that he was able to find a breach in the security system of WhatsApp. In fact, according to Jonathan Zdziarski (that’s the name of this digital security expert): “The latest version of the app tested leaves forensic trace of all of your chats, even after you’ve deleted, cleared, or archived them… even if you ‘Clear All Chats … In fact, the only way to get rid of them appears to be to delete the app entirely.”
As if it wasn’t enough, today we have another warning coming from a UAE-based non-profit online safety organisation called E-SAFE (Emirates Safer Internet Society). The organisation has warned app users that hackers need only 30 seconds to access into instant messaging apps such as WhatsApp. To prove their thesis, the E-SAFE team has also provided a live demo during a Press conference.
The organisation conducted also a survey, with surprising results. According to this latest E-SAFE research, about 77 per cent of the app users never log out of the WhatsApp-Web (the option that enables users to use WhatsApp through their PC) and about 88 per cent of WhatsApp users let their family members access their phone unattended, while another 22 per cent of users said that they allow their friends to use their devices.
The organisation is convinced that especially WhatsApp-Web is at risk. Al Hashemi from E-SAFE explained: “Once an intruder is in contact with a phone, he can access all content on WhatsApp by scanning the phone’s QR code on a computer through the online WhatsApp site. After the QR code is scanned, the intruder can send messages to all contacts and delete messages from contacts on the app,” .
To solve the issue, the E-SAFE team has also contacted WhatsApp Inc. On the matter, Mohammad Mustafa Saidalavi, founder and chief operating officer of E-SAFE, said that “We have contacted them to urge the app’s makers to introduce a safety notification feature that informs users whenever their WhatsApp account is accessed from any web service,”. For the moment, the only possible reasonable solutions seem to be: not to leave your phones unattended and, once you finish to use it, log out from WhatsApp Web.