Mobile Messengers Expose Billions Of People To Privacy Attacks

A recent study and research shows that mobile messengers expose billions of people to privacy attacks. Privacy is a very important feature for many mobile smartphone users all over the world. Some persons even chose which device to purchase and make use of based on privacy. But do you know that with the recent find via the study, all these won’t matter? As long as you are using a mobile messenger on your smartphone device such as WhatsApp, you face exposure to privacy attacks. The study and research revealed a whole lot. And if you are making use of any of the various mobile messengers, then you need to read this article and learn of various ways to keep yourself and your details safe.

Mobile Messengers Expose Billions Of People To Privacy Attacks

Mobile Messengers Expose Billions Of People To Privacy Attacks

Via the study carried out, various mobile messengers expose personal data through discovery services. These services allow users to find contacts that are based on phone numbers from their address book. I bet you still don’t understand what this means or how you are exposed to threats. Well, you know that when you install messengers like WhatsApp on your device, you can start texting with friends and family almost immediately. This is possible as long as you have a person’s contact stored on your device. And also for this to happen, a user must first grant various permissions to the app to access and upload their address books regularly to the company’s servers. This process is known as mobile contact discovery.

A study recently carried out by a team of researchers from the secure software systems group at the University of Wurzburg and the cryptography and privacy engineering group at TU Darmstadt clearly shows and reveals that deployed contact services threatens and exposes the privacy of billions of users worldwide. Making use of a few resources at their disposal, the researchers were able to perform and carry out crawling attacks on some popular mobile messengers such as WhatsApp, signal, and telegram. And results of the attacks were mind-blowing. Continue reading to find out about the results of the practical crawling attacks carried out by attackers.

Results Of The Crawling Attacks On Mobile Messengers By Researchers

The result of the practical attack was simple and straightforward. But for users on the other hand they have all reasons to be worried. The results however showed that hackers or malicious users could collate sensitive data at a large scale without any form of opposition or restrictions. For most part of the study, researchers queried 10% of all mobile phone numbers in the US for WhatsApp and 100% for Signal. With this, the researchers were able to collate personal data stored in the messenger’s user profiles. And this is including profile pictures, status texts, the last online time, and nicknames.

Data collated and analyzed also showed some interesting statistics based on user behavior. The researchers also found out that about 50% of users of WhatsApp in the USA have a public profile picture. It also shows that 90% of the US public using WhatsApp has a public about text. Other interesting stats also showed that 40% of signal users had a WhatsApp profile. And they all had a public profile picture on WhatsApp. With all these pieces of information and keeping tabs on such data over time will enable attackers to build accurate behavior models. And in the long run. These pieces of information can be used to build profiles that can be used to scam users.

The Impact Of Research Results

With the results of the research. It clearly shows that no one is safe in terms of privacy when it comes to their mobile messenger apps. However, at the end of the whole research, the team went on to report their findings to the service providers. With the results, WhatsApp has improved on their protection mechanisms in the sense that large scale attacks can now be detected. Signal on the other hand has reduced the number of possible queries to complicate crawling. Lastly, the researchers proposed other mitigation techniques to reduce the efficiency of these attacks. And this is without impacting the usability of these services in a negative manner.


Please enter your comment!
Please enter your name here