If you are using the application WhatsApp to chat with friends, you have to be very careful if you have the "Location Share."
While there is no problem communicating with WhatsApp between your phone and the company's most SSL-encapsulated server, a new security gap makes the application vulnerable to hackers.
According to researchers at the UNH Cyber Forensics Research & Education Group, the service of WhatsApp showing the location of the owner could put you at risk. But let's look at the vulnerability.
When sharing your post via WhatsApp you should first identify yourself via Google Map, in an app window, as shown below:
Once you select your location, WhatsApp gives you one miniature από την υπηρεσία Google Map για να μοιραστείτε το εικονίδιο με τους φίλους σας. Δυστυχώς όμως το WhatsΑpp κατεβάζει αυτή την εικόνα από την Google, από κανάλια που δεν είναι κρυπτογραφημένα και έτσι θα μπορούσε να πραγματοποιηθεί μια επίθεση Man-in-the-middle, όπως φαίνεται και στο παρακάτω video demonstration.
An image could be enough to expose your location, but practically this attack is only possible when the attacker and the victim are connected to the same network. This is something that greatly facilitates Man-in-the-middle attacks.
Researchers have already reported this flaw to the WhatsApp team and it has already been fixed in the latest beta version of the app available on the official websiteσελίδα as reported by THN.
