WhatsApp’s View Once Flaw: A Privacy Nightmare

Attackers Can Easily Save and Share Disappearing Media

WhatsAppโ€™s โ€œView Onceโ€ feature, intended to provide users with a secure way to share photos and videos that self-destruct after being viewed, has been exposed as a major security vulnerability. Researchers have discovered a simple method that allows malicious actors to bypass the featureโ€™s protections and save โ€œView Onceโ€ media for later use.

The flaw lies in how WhatsApp handles โ€œView Onceโ€ messages. Instead of being sent directly to the intended recipientโ€™s device, these messages are actually sent to all of their linked devices, including web applications. This means that attackers can intercept the messages and modify them to remove the โ€œView Onceโ€ flag, effectively turning them into regular, downloadable media.

Once the flag has been removed, the media can be easily saved and shared without the senderโ€™s knowledge. The attackers can even access a low-quality preview of the media without downloading the full file. Additionally, WhatsApp does not immediately delete โ€œView Onceโ€ media from its servers, leaving it vulnerable to exploitation for up to two weeks after it has been downloaded.

This discovery has serious implications for the privacy and security of WhatsApp users. It highlights the importance of being cautious when sharing sensitive information through the app, especially when using the โ€œView Onceโ€ feature. While WhatsApp is likely working to address this vulnerability, it is essential for users to be aware of the risk and take appropriate precautions to protect their privacy.

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!

Nayab Khan

Nayab Khan is a freelance tech-writer whose specialty is absorbing the key data and articulating the most important points. She helps IT based organizations communicate their message clearly across multiple channels.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
>