Connect with us

Tech News

Hackers Could Bypass WhatsApp ‘View Once’ Due To Vulnerability

Published

on

Latest Hacking News

Security researchers have uncovered a significant security issue that poses a threat to the privacy of WhatsApp users. This vulnerability primarily affects the ‘View Once’ feature in WhatsApp, allowing a malicious actor to gain persistent access to the target media without the recipient’s knowledge.

Vulnerability In ‘View Once’ Feature Allows Persistent Access To WhatsApp Media

Zengo’s security researchers identified a critical security issue in WhatsApp that enabled an attacker to circumvent the app’s ‘View Once’ privacy feature. In a detailed post, Be’ery and the team revealed a method to access media content shared on WhatsApp with a ‘View Once’ restriction.

According to Meta, ‘View Once’ is a privacy-focused media-sharing feature on WhatsApp that permits the recipient to view and access the shared media only once. Once opened, the media (such as audio messages, videos, and photos) automatically disappears from the chat to leave no trace. Recipients are unable to save the media on their devices or capture screenshots.

Despite the intended privacy protection, the researchers demonstrated how the feature could be bypassed.

The root of the issue lay in how WhatsApp servers handled ‘View Once’ media. The researchers observed that WhatsApp servers simply labeled the message as ‘View Once’ and distributed it to all devices, including those not equipped to handle ‘View Once’ messages. This flaw allowed an attacker to change the ‘viewOnce: true’ flag to ‘false,’ granting them unrestricted access to view and download the message on any device without additional authentication.

Another oversight with this feature was the retention of ‘View Once’ messages on WhatsApp servers for up to 2 weeks.

See also  Safeguarding democracy from cyber threat peril  

The researchers identified two methods to bypass this privacy feature. Firstly, they developed an unofficial WhatsApp client using the WhatsApp Web API client “Baileys” to link to an existing WhatsApp account and download ‘View Once’ messages. Secondly, they could download the encrypted message with any client and decrypt it later using OpenSSL, as illustrated in the accompanying video.

Meta Patched The Flaw

Upon discovering this vulnerability, the researchers responsibly disclosed it to Meta. However, due to active exploitation of the flaw, the researchers decided to make the issue public.

As of now, there is no official patch available to address this ‘View Once’ vulnerability for WhatsApp users. Nevertheless, Meta is reportedly working on a fix that will be included in future releases. Meta’s statement regarding the matter reads:

Our bug bounty program is an important way we receive valuable feedback from external researchers and we are already in the process of rolling out updates to view once on web. We continue to encourage users to only send view once messages to people they know and trust.

Share your thoughts in the comments section below.

Trending