WhatsApp assured that since last March the noindex tag was included, with which the problem was solved despite the fact that the damage had already been done. The issue of security and privacy has shown in recent days that it is a priority issue for users, a situation that has now put WhatsApp in the spotlight not only because of its new usage policies. Google would be involved.
A new report informs that Nepal Mobile Database at least 4 thousand WhatsApp groups were posted on Google in a visible way without the administrators of those channels being notified or noticing.
A serious security problem
This failure opened the way for cybercriminals to infiltrate these groups and managed to implement phishing mechanisms to scam and deceive users.
For now, it is unknown since when said failure was registered; However, media such as El País believe that the problem dates back several months.
The cause of the security breach is attributed to a human error by the WhatsApp development team, where an instruction was omitted that prevented indexing the addresses of the chat groups.
Without this indication, Google’s automatic crawlers collect and publish the links that the search finds, making them accessible to any user.
Given what happened, WhatsApp assured that since last March the noindex tag was included, with which the problem was solved despite the fact that the damage had already been done.
Despite this statement, it is fair to point out that this is the third time in three years that WhatsApp has faced this type of security problem, which could be aggravated by its latest updates.
According to the specialist Vázquez Poletti from the Computer and Automation Architecture department of the Complutense University of Madrid (UCM) quoted by various sources, “it is possible that the latest WhatsApp updates were developed by a team other than the original and therefore certain aspects of the configuration have not been taken into account. That could have been the mistake because when you inherit a project from someone else, no matter how much documentation there is, you don’t have a global vision ”.
Sensitive data compromised
During February of last year, the problem would have already been detected. Motherboard recently reported that hundreds, even thousands of private groups on WhatsApp might not be that reserved at the end of the day. Google would be indexing many of the links that administrators can generate to easily invite another member to a conversation between several people. This means that you only need to perform a search on your platform to find the access pass to conversations around the world.
Through a post on Twitter , a Google spokesperson noted that the brand’s system works as intended. In addition, he pointed out that all companies, including WhatsApp itself, can request that these results be deleted through a format. For his part, a representative of the app messaging said that people should not send links to untrustworthy people. This, because the links are for anyone who finds them.
The problem is not minor if we consider the scope of WhatsApp, its frequency of use and the data that can be extracted using malicious phishing techniques. And is that by impersonating a person, business or service, criminals can access sensitive data from identification cards such as emails or passwords to bank card information.
For WhatsApp the matter is not minor if we recognize that the Brother Cell Phone List consumer now gives special value to the data they share and the management that the platforms give to them.
Just as a reference, it is pertinent to mention that, according to a study carried out by Mobile Ecosystem Forum (MEF), AVG Technologies and On Device Research, during 2015, more than 50 percent of mobile users worldwide claimed to have deleted an app by privacy and security issues. Also, 34 percent stopped using an app for the same reason.