Monday, March 4, 2024

“WhatsApp Will Never Be Secure” – Telegram Founder Attack Facebook Owned WhatsApp

“WhatsApp Will Never be Safe” !! Telegram Founder Pavel Durov Attack Facebook Owned WhatsApp after the recent incident, in which, WhatsApp fixed a high severity bug that allows hackers to inject spyware remotely by making a single WhatsApp call and steal entire phone data.

Durov is always focusing on users privacy, Telegram was created by people who had to leave Russia because of restrictions on freedom and privacy. Telegram is based in Dubai at the moment – and is blocked and forbidden in Russia.

In this case, Telegram said, those demands would be impossible to implement since the keys were stored on users’ devices.

Unlike Telegram, WhatsApp is not an open source platform and it never allows security researchers to check whether the App contain any malicious code or stealing any data from users.

WhatsApp built with extremely obfuscated functionality in their app binaries to make sure no one able to read the code and study their infrastructure clearly.

Durov pointed similar incidents (1, 2, 3) and said “Every time WhatsApp has to fix a critical vulnerability in their app, a new one seems to appear in its place. All of their security issues are conveniently suitable for surveillance, and look and work a lot like backdoors.”

Back to 2012, when he was working for Telegram development, WhatsApp was transferring messages in plain-text in transit (1, 2) which allows not only for government but mobile providers and wifi admins had access to all WhatsApp texts.

After these incidents, WhatsApp added the encryption feature but the decryption key was given to the several governments who can able to decrypt any users WhatsApp Conversation in the country.

In 2016, WhatsApp announced they implemented end-to-end encryption so “no third party can access messages“. It coincided with an aggressive push for all of its users to back up their chats in the cloud.

Also, he Quoted that, “When making this push, WhatsApp didn’t tell its users that when backed up, messages are no longer protected by end-to-end encryption and can be accessed by hackers and law enforcement. Brilliant marketing, and some naive people serving their time in jail as a result”

” WhatsApp has a consistent history – from zero encryption at its inception to a succession of security issues strangely suitable for surveillance purposes. Looking back, there hasn’t been a single day in WhatsApp’s 10-year journey when this service was secure. That’s why I don’t think that just updating WhatsApp’s mobile app will make it secure for anyone.”

He Wrote a brief Statement in Telegraph “A lot of people can’t stop using WhatsApp, because their friends and family are still on it. It means we at Telegram did a bad job of persuading people to switch over. While we did attract hundreds of millions of users in the last five years, this wasn’t enough. The majority of internet users are still held hostage by the Facebook/WhatsApp/Instagram empire. Many of those who use Telegram are also on WhatsApp, meaning their phones are still vulnerable.”

Also he pointed out about the Telegram ” In almost 6 years of its existence, Telegram didn’t have any major data leak or security flaw of the kind WhatsApp demonstrates every few months. In the same 6 years, we disclosed exactly zero bytes of data to third-parties, while Facebook/WhatsApp has been sharing pretty much everything with everybody who claimed they worked for a government “

He also requested that “If you like Telegram enough, you will tell your friends about it. The Facebook marketing department is huge. We at Telegram, however, do zero marketing. We don’t want to pay journalists and researchers to tell the world about Telegram. For that, we rely on you – the millions of our users. “.

Website

Latest articles

New Silver SAML Attack Let Attackers Forge Any SAML Response To Entra ID

SolarWinds cyberattack was one of the largest attacks of the century in which attackers...

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...

CWE Version 4.14 Released: What’s New!

The Common Weakness Enumeration (CWE) project, a cornerstone in the cybersecurity landscape, has unveiled...

RisePro Stealer Attacks Windows Users Steals Sensitive Data

A new wave of cyber threats has emerged as the RisePro information stealer targets...

Golden Corral Restaurant Chain Hacked: 180,000+ Users’ Data Stolen

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data...

CISA Warns Of Hackers Exploiting Multiple Flaws In Ivanti VPN

Threat actors target and abuse VPN flaws because VPNs are often used to secure...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles