WhatsApp’s 3.5 Billion Account Scrape: Comedic Oversight or Security Wake-Up Call?
A research team from the University of Vienna cracked a technique to enumerate 3.5 billion WhatsApp accounts, revealing a flaw in WhatsApp’s defenses. WhatsApp owner Meta quickly rolled out fixes, emphasizing that no private messages were leaked. The researchers have since securely deleted the data, proving they are better at breakups than most of us.
Hot Take:
In the world of cyber cat-and-mouse, who knew phone numbers were the cheese? Researchers from the University of Vienna have taken enumeration to a whole new level, leaving WhatsApp scrambling faster than you can say “privacy settings”. But fear not, Meta has patched the loophole, leaving us all to wonder: who needs a phone book when you have an enumeration technique?
Key Points:
- Researchers from the University of Vienna scraped 3.5 billion WhatsApp accounts using a novel enumeration technique.
- Meta has since rolled out mitigations to prevent exploitation of this vulnerability.
- The technique involved checking possible phone number combinations for registration on WhatsApp.
- Data scraped included timestamps, public keys, and in some cases, profile pictures and ‘about’ info.
- Meta has emphasized that no messages or non-public data were exposed, and privacy settings can limit information visibility.
Already a member? Log in here