Big hole in WhatsApp. Anyone can read someone else's deleted messages

In WhatsApp, you can recover messages deleted by the interlocutor from a normal chat. To do this, you need to use third-party WAMR software, which is wildly popular. Facebook has not yet been able to close this vulnerability.

Also Read — US hacker takes entire North Korea offline

Another danger of WhatsApp

A new vulnerability has been found in WhatsApp Messenger. This allows you to view messages deleted by the interlocutor without his permission, writes the New York Post. According to the publication, you can not only access the usual text messages already deleted from the chat, but photos, videos and other content as well.

Meta (formerly Facebook, the owner of WhatsApp) is a loophole that cannot be closed. Reading deleted messages, even if the sender deleted them, allows a third-party WAMR application.

At the time of publication of the material, WAMR was present only in the version of Android, but this does not mean at all that iPhone owners are safe from it. The application keeps track of all deleted messages in WhatsApp chats, regardless of which platform they were sent from.

WAMR is gaining popularity at an alarming rate. It was uploaded to Google Play in mid-July 2019, and in two and a half years, users have downloaded it over 50 million times.

Based on an average score of 4.5 out of 5 (based on around 730,000 reviews), people who have downloaded this software are satisfied with the features it offers. In addition, the application did not even have time to pass the beta testing phase – as of January 31, 2022, it was available in version 0.11.1, which was published in early June 2021.

Also Read — US hacker takes entire North Korea offline

How it all works

WAMR is distributed free of charge, and only the activation of some features requires payment. The utility does not interact with the WhatsApp messages themselves, but scans all available active chats.

After that, WAMR starts monitoring notifications coming from WhatsApp. If the application notices that the interlocutor has deleted the message, it will offer to view its contents.

In other words, WhatsApp messages containing sensitive information and hastily deleting them in the hope that the recipient will not have time to read them is no longer possible. Also, WAMR eliminates the possibility of deleting a message sent by accident or to the wrong user.

Even if it is a voice message, WAMR will be able to save it even if it disappears from the chat. The same applies to documents

Also Read — US hacker takes entire North Korea offline

Changing the messenger is not a panacea

According to the New York Post, users who do not want their deleted messages to be saved using WAMR may not even try to change the messenger. Such a radical decision will not lead to the desired result.

The publication claims that WAMR is able to “archive” deleted messages in other instant messengers. An example is Facebook Messenger.

Whether WAMR is able to work with more secure messengers, for example, Signal or Telegram, the developers do not specify.

However, the description of the application does not mention any of the existing instant communication services at all, which may indicate the versatility of this tool. In addition, the editors of CNews made sure that at the first start WAMR detects all instant messengers installed on the smartphone.

Also Read — US hacker takes entire North Korea offline

Super dangerous application

WAMR poses a potential privacy risk not only for messenger users who are accustomed to deleting their messages from chats. Those who install this software on their device are at even greater risk.

The app needs too many permissions to work. In addition to accessing notifications, for some reason it “wants” to read SMS messages. In addition, it requests access to the file storage, as well as to the contact list and call log.

In addition to this, WAMR requires that it be allowed to autostart. In addition, this application cannot work autonomously – for some reason it needs unlimited Internet access, as well as access to a list of Wi-Fi networks.

The developers do not specify what all this is for the program, which simply monitors notifications in communication applications. The New York Post experts warn that this utility can be used to steal data from other applications installed on the device.

Also Read — US hacker takes entire North Korea offline

Leave a Reply

%d bloggers like this: