drag2share: Hacker Claims This Crucial WhatsApp Flaw Can Expose Your Messages in Minutes
source: http://feedproxy.google.com/~r/businessinsider/~3/DYucUkMsGZw/crucial-whatsapp-security-issue-2014-3
WhatsApp users should be careful when downloading Android apps. If you don't read an app's permissions attentively before installing, your WhatsApp chat history could end up in a stranger's hands, according to one IT specialist from the Netherlands.
Bas Bosschert, a technical consultant with more than 10 years experience working with Linux and Unix, explained how developers can trick WhatsApp users into granting access to their entire message database. Since WhatsApp backs up messages on your phone's SD card, apps can easily access this information if granted permission to do so. This data can then be uploaded to the developer's personal Web server.
Bosschert's blog post details how to create these types of apps. The Netherlands-based technical consultant says that if the code shown in his screenshots was added to an Android game, it could be used to extract a WhatsApp user's database.
"People would only see a loading screen when they started the game," Bosschert said in an email to Business Insider. "They wouldn't notice that their WhatsApp database has been uploaded."
Security concerns surrounding WhatsApp aren't new, but have been attracting more attention since Facebook acquired the text messaging alternative last month