WhatsApp user data leaked to Google search engine

WhatsApp is known for its impressive audience - it attracts not only new users but also specialists in vulnerability search. As it turned out, there were some flaws in the development of the app: according to a recent report, data from hundreds of thousands of users of the popular messenger leaked to the public because of a software "hole".


Atul Jayaram, a researcher in the field of IT security, found that one of the WhatsApp functions leads to the leak of the contact number and even the text of the sent messages in the results of Google search results. As it turned out, when communicating using Click to Chat (starting a conversation using a QR code with a person whose number is not saved in the address book), the data of the "called" subscriber and in some cases the dialogues themselves are cached in the search engine and can be read by adding the number or its prefix to the company's domain wa.me in the browser's address bar.

According to the expert, he was able to find about 300 thousand "merged" contacts in this way, just by attaching the country code to the domain address in the search engine. He claims that WhatsApp management is aware of what is happening, but does not consider the problem a threat to the security of users. It is worth noting that when communicating with contacts stored in the device's memory, there is no leakage. Representatives of the company did not officially comment on the specialist's statement.

Add comment

Add comment