“WhatsApp Will Never Be Secure” – Telegram Founder Attack Facebook Owned WhatsApp

“WhatsApp Will Never be Safe” !! Telegram Founder Pavel Durov Attack Facebook Owned WhatsApp after the recent incident, in which, WhatsApp fixed a high severity bug that allows hackers to inject spyware remotely by making a single WhatsApp call and steal entire phone data.

Durov is always focusing on users privacy, Telegram was created by people who had to leave Russia because of restrictions on freedom and privacy. Telegram is based in Dubai at the moment – and is blocked and forbidden in Russia.

In this case, Telegram said, those demands would be impossible to implement since the keys were stored on users’ devices.

Unlike Telegram, WhatsApp is not an open source platform and it never allows security researchers to check whether the App contain any malicious code or stealing any data from users.

WhatsApp built with extremely obfuscated functionality in their app binaries to make sure no one able to read the code and study their infrastructure clearly.

Durov pointed similar incidents (1, 2, 3) and said “Every time WhatsApp has to fix a critical vulnerability in their app, a new one seems to appear in its place. All of their security issues are conveniently suitable for surveillance, and look and work a lot like backdoors.”

Back to 2012, when he was working for Telegram development, WhatsApp was transferring messages in plain-text in transit (1, 2) which allows not only for government but mobile providers and wifi admins had access to all WhatsApp texts.

After these incidents, WhatsApp added the encryption feature but the decryption key was given to the several governments who can able to decrypt any users WhatsApp Conversation in the country.

In 2016, WhatsApp announced they implemented end-to-end encryption so “no third party can access messages“. It coincided with an aggressive push for all of its users to back up their chats in the cloud.

Also, he Quoted that, “When making this push, WhatsApp didn’t tell its users that when backed up, messages are no longer protected by end-to-end encryption and can be accessed by hackers and law enforcement. Brilliant marketing, and some naive people serving their time in jail as a result”

” WhatsApp has a consistent history – from zero encryption at its inception to a succession of security issues strangely suitable for surveillance purposes. Looking back, there hasn’t been a single day in WhatsApp’s 10-year journey when this service was secure. That’s why I don’t think that just updating WhatsApp’s mobile app will make it secure for anyone.”

He Wrote a brief Statement in Telegraph “A lot of people can’t stop using WhatsApp, because their friends and family are still on it. It means we at Telegram did a bad job of persuading people to switch over. While we did attract hundreds of millions of users in the last five years, this wasn’t enough. The majority of internet users are still held hostage by the Facebook/WhatsApp/Instagram empire. Many of those who use Telegram are also on WhatsApp, meaning their phones are still vulnerable.”

Also he pointed out about the Telegram ” In almost 6 years of its existence, Telegram didn’t have any major data leak or security flaw of the kind WhatsApp demonstrates every few months. In the same 6 years, we disclosed exactly zero bytes of data to third-parties, while Facebook/WhatsApp has been sharing pretty much everything with everybody who claimed they worked for a government “

He also requested that “If you like Telegram enough, you will tell your friends about it. The Facebook marketing department is huge. We at Telegram, however, do zero marketing. We don’t want to pay journalists and researchers to tell the world about Telegram. For that, we rely on you – the millions of our users. “.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…

2 days ago

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…

2 days ago

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…

2 days ago

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…

2 days ago

Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner

Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…

3 days ago

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…

3 days ago