New research from a group of scientist have revealed that popular messaging service, WhatsApp can be a target for data harvesters. Through it’s new calling

WhatsApp might be snooping your calls and stealing phone numbers

Posted by

New research from a group of scientist have revealed that popular messaging service, WhatsApp can be a target for data harvesters. Through it’s new calling feature,data such as phone numbers and phone call duration can be collected from the app’s network. This highlights areas for future research and study.
WatsApp-spying
In an article titled, “WhatsApp Network Forensics: Decrypting and Understanding WhatsApp Call Signaling Messages,” co-authored by F. Karpisek of Brno University of Technology in the Czech Republic, Ibrahim (Abe) Baggili and Frank Breitinger, co-directors of the Cyber Forensics Research & Education Group at the University of New Haven. These were the observations:

Our research demonstrates the type of data that can be gathered through the forensic study of WhatsApp and provides a path for others to conduct additional studies into the network forensics of messaging apps

“We decrypted the WhatsApp client connection to the WhatsApp servers and visualized messages exchanged through such a connection using a command-line tool we created,”

“This tool may be useful for deeper analysis of the WhatsApp protocol.”

According to the researchers at the University of New Haven, WhatsApp uses FunXMPP protocol (deviated version of XMPP) XMPP has been used by Google for one its communication services, the Gtalk.

The researchers were able to acquire a variety of artifacts from network traffic, including WhatsApp phone numbers, WhatsApp phone call establishment metadata and date-time stamps, and WhatsApp phone call duration metadata and date-time stamps. They also were able to acquire WhatsApp’s phone call voice codec (Opus) and WhatsApp’s relay server IP addresses used during the calls.

Does this means WhatsApp can get hacked into? Should this go into the wrong hands, we can’t imagine what may happen. Your thoughts.

Source

5 comments

  1. This experiment was conducted when the caller was active?! This implies the hacker must be beyond close to time the hacking exploit. If this is true, it is only a frenemy that can hack you and Not someone who doesn’t know when you are active on whatsapp calls.

  2. But this isn’t really new when it comes to WhatsApp. They’ve been accused of harvesting telephone numbers before. Doesn’t anyone find it strange that WhatsApp has the contact details of your phone book?

    I know of someone who, according to him, has never installed WhatsApp on his phone. However there’s a big old profile of him on WhatsApp with his number and all. I can only presume it’s from an old phone he may have passed on to someone but hasn’t erased his details from.

  3. Once you’re logged into the Internet just have it in mind someone somewhere might just be snooping on you and act accordingly,that way you won’t be in for any surprises..#MY2CENTS

  4. So why does this matter and is it presented as some big problem or privacy issue?
    Do you think your provider doesnt log such details? They all do, including Skype and any VoIP trunk operator you can find… Mostly for billing purposes.

    They also don’t harvest numbers… You should really read that PDF and the disclaimers.
    In order to use WhatsApp Call: both parties already need to be signed up, so they already had your phone number anyway…

    Bottom line: big deal, why is this lresented as privacy issue? 🙂
    WhatsApp is one of the most secure and privacy friendly apps out there…

Leave a Reply

Your email address will not be published. Required fields are marked *