WhatsApp might be the world’s most popular known messenger service, offering end-to-end encryption for chats, which is viewed as protected. however, its biggest weakness has been exposed and hackers can target users from that point. WhatsApp chats reportedly have one security loophole that could be exploited by hackers or malicious actors that is yet to be fixed by the company. The WhatsApp feature is related to handling user’s backups when they are uploaded to the cloud, according to a recent report. And cloud services too are susceptible to hacking, thereby putting WhatsApp at risk.
How WhatsApp security works:
WhatsApp allows users to backup their chats to their devices (local backup) just as to the cloud (Google Drive for Android, iCloud for iPhone), and while the app offers end-to-end encryption for chats, the protection is lost as soon as you upload your chat backups to the cloud. End-to-end encryption is a way of protecting WhatsApp data in such a way that only the intended sender and recipient can see images, calls, messages, or any content – not even the service provider can see your message.
How WhatsApp is doing to keep users safe:
Fortunately, WhatsApp seems to be aware of this issue, as it is reportedly working away at encrypting chat backups locally before they are transferred to the cloud. The feature was first spotted by WABetaInfo and appeared on the beta testing channel for a brief period of time. Users will have to use a passphrase that will “unlock” their device backups, which will help keep attackers at bay. If WhatsApp users forget their passphrase, they might be able to enter a 64-digit recovery key to unlock the backup.
The most effective method to safe WhatsApp chats:
In the meanwhile, WhatsApp users can remain safe by using disappearing messages, the recently released ‘view once’ feature for text, photos, and video messages is live on the app. These features allow users to send and receive ephemeral messages that are not stored on the device or backed up to the cloud, which will reduce the risk of their personal data being stolen if their account is compromised. They should also enable two-factor authentication for both WhatsApp and their Google account where the chat backups are stored.