A security researcher has discovered a security gap in WhatsApp, the instant messaging platform recently bought from Facebook. Vulnerability can be exploited by attackers to gain access to the private conversations of device owners running Android.
Bas Bosschert, the researcher who discovered the vulnerability, said Facebook did not need to buy WhatsApp if its only goal was to read user conversations.
The expert found that every Android app that has allowed her to access the card SD of the device can easily access all private WhatsApp chats.
All conversations are saved in a file basedata file (msgstore.db) found on the SD card. Bosschert has developed a POC which demonstrates that each application granted to it permission access card can easily retrieve the database and send it to some remote server.
According to Bosschert, in the later versions of WhatsApp, the database file is encrypted. However, this does not mean that private users' conversations are secure. It simply means that an attacker should decrypt the database to gain access to its contents.
The key fromencryptions can be found through WhatsApp Xtract, an application that allows users to backup their WhatsApp chats.
To see the POC and read more technical details visit the researcher's page.
Steals WhatsApp database (PoC)
