Research carried out by a German cryptography team found that a flaw in how the app interacts with WhatsApp's severs, controlled by Facebook, allows anyone with access to those servers to easily insert new people into a private group chat.
The issues are encryption flaws and were detailed at the Real Word Crypto security conference in Zurich, Switzerland by researchers from Ruhr University Bochum in Germany.
WhatsApp is now testing a new feature, which can allow a group admin to dismiss another admin, without removing the person from the group.
Encryption has always been one of the more hard elements of group chat; the best protection in the world can not stop unintended readers from seeing messages once they've been decoded.
Those who use WhatsApp will know that a notification is sent when a new member joins a group - killing any chance of quietly watching conversations without anyone noticing. Whenever a new member is to be added, the administrator first sends a request to the WhatsApp server with the ID of the new member that it wants to add.
Researchers have uncovered a serious security vulnerability in WhatsApp that could allow hackers or government spies to slide unnoticed into group chats in the Facebook-owned messaging app.
Razer Phone Now Supports Netflix Content in HDR and 5.1 Surround Sound
An interesting detail is that being on the laptop, the screen of the Razer Phone will work as a touchpad or secondary screen. With this in mind, it should come as no surprise to learn that Razer is looking to do even more with the device.
Security researcher Moxie Marlinspike in a forum post explained how WhatsApp group messaging works. It would appear as if the new person on the group chat had the authority of the admin to enter the chat.
WhatsApp has confirmed the researchers' findings but points out that it is not possible to add a new member to a group without members of that group being notified.
Researchers reported an alleged security flaw for WhatsApp that supposedly violates privacy.
"At present, WhatsApp is developing this feature for iOS and it will be available soon for all users, instead for Android it is already enabled by default in the newest WhatsApp Google Play beta for Android 2.18.12", the report added. And, if you scroll through the unread messages in the WhatsApp group manually, then the button will vanish automatically.
"In contrast, Telegram does no encryption at all for group messages, even though it advertises itself as an encrypted messenger, and even though Telegram users think that group chats are somehow secure".