The Android version of WhatsApp has a loophole that leaves chat histories wide open to other apps installed on the same smartphone, according to new findings from a security consultant says.
Consultant, system administrator, and entrepreneur Bas Bosschert documented the vulnerability in a blog post published Tuesday.
“The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card,” Bosschert wrote. “And since [the] majority of the people allows [sic] everything on their Android device, this is not much of a problem.”
“So, we can conclude that every application can read the WhatsApp database and it is also possible to read the chats from the encrypted databases,” Bosschert wrote. “Facebook didn’t need to buy WhatsApp to read your chats.”
Last month, Facebook bough WhatsApp for a massive $19bn, causing many in industry to question the value of the purchase, and the social networks confidence in its own growth.
Read the blog here