Security researchers have discovered a method of infiltrating group chats in WhatsApp, effectively rendering the chat tool's end-to-end encryption useless.
Researchers from Germany's Ruhr University Bochum have unearthed an encryption flaw that makes it possible for group conversations to be compromised. While the vulnerability is not one that poses immediate concerns -- it requires direct access to WhatsApp servers -- it still raises questions about the security of the platform.
The research group turned its attention to messaging tools Signal, WhatsApp, and Threema, but it was only Facebook's WhatsApp that gave cause for concern. The flaw means that anyone in control of a WhatsApp server could, in theory, insert people into a conversation -- either with the aim of simply eavesdropping, or diverting the conversation.
The flaw -- detailed in a paper -- shows how it is possible to add a participant into a conversation without the permission of the person in control of the group. One of the researchers, Paul Rösler, says:
The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them. If I hear there's end-to-end encryption for both groups and two-party communications, that means adding of new members should be protected against. And if not, the value of encryption is very little.
While the flaw is not likely to be a concern to the average WhatsApp user, it may be slightly more worrying to journalists and informants who use the platform because they believe it offers complete security and privacy.
The story was first revealed by Wired, which says:
[The] WhatsApp attack takes advantage of a simple bug. Only an administrator of a WhatsApp group can invite new members, but WhatsApp doesn't use any authentication mechanism for that invitation that its own servers can't spoof. So the server can simply add a new member to a group with no interaction on the part of the administrator, and the phone of every participant in the group then automatically shares secret keys with that new member, giving him or her full access to any future messages. (Messages sent prior to an illicit invitation, fortunately, still can't be decrypted.)
Everyone in the group would see a message that a new member had joined, seemingly at the invitation of the unwitting administrator. If the administrator is watching closely, he or she could warn the group's intended members about the interloper and the spoofed invitation message.
But the Ruhr University researchers and Johns Hopkins' Green point out several tricks that could be used to delay detection. Once an attacker with control of the WhatsApp server had access to the conversation, he or she could also use the server to selectively block any messages in the group, including those that ask questions, or provide warnings about the new entrant.
WhatsApp has confirmed the researchers' findings but points out that it is not possible to add a new member to a group without members of that group being notified. A WhatsApp representative says:
We've looked at this issue carefully. Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user. The privacy and security of our users is incredibly important to WhatsApp. It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted.