Thought your WhatsApp messages cannot be accessed remotely? Think again as one security expert has discovered a way to read WhatsApp messages off Android devices.
Security consultant Bas Bosschert said that it was possible for others to access users’ private WhatsApp chats through downloaded Android apps. Bosschert insists his method works even on the latest WhatsApp update for Android which adds privacy settings. However, as he says it’s only possible when WhatsApp is backing up your messages to the SD card. If you have turned off message backup during the initial setup, then your messages are safe. But if you have turned on backups, the easiest way to prevent this attack is doing a clean install of WhatsApp and turning off backup when prompted during the setup.
Bosschert published a proof of concept on his blog and explained the workings in detail. Although there are a lot of technical details, the gist is that it takes basic app-development skills to create an app that could steal your WhatsApp messages. This is possible because WhatsApp stores backed-up messages on your Android phone’s SD card and any app that gains permission to read your SD card could technically siphon off this backup without you knowing.
Despite WhatsApp using encryption to secure the message database, it’s possible to extract messages using easily-available online tools. After getting hold of your messages, the attacker could use a tool called WhatsApp Xtract to decrypt the same and easily read the messages.
“The WhatsAppp database is a SQLite3 database which can be converted to Excel for easier access. Lately WhatsApp is using encryption to encrypt the database, so it can no longer be opened by SQLite. But we can simply decrypt this database using a simple python script. This script converts the crypted database to a plain SQLite3 database,” he said.
Nov 29, 2015