WhatsApp’s View Once feature breach found by malicious hackers

September 10, 2024
1 min read



TLDR:

Attackers have found a flaw in WhatsApp’s “View Once” feature that allows them to save and distribute media without the sender’s knowledge. The flaw lies in how the feature is implemented, allowing attackers to easily bypass it. WhatsApp should implement DRM or send “View Once” messages only to primary devices until the issue is fixed.


Full Article:

WhatsApp’s “View Once” feature, designed to enhance privacy by allowing users to send photos and videos that disappear after being opened once, has a critical flaw that attackers are actively exploiting. The Zengo X Research Team found that attackers can save and distribute “View Once” media without the sender’s knowledge by easily bypassing the feature.

The core issue lies in WhatsApp’s implementation of the “View Once” feature, where messages are sent to all of the receiver’s devices, including unintended ones that can display them, such as web applications. Attackers can change the “View Once” flag to convert the media to a regular, downloadable format, allowing them to access and distribute the media.

WhatsApp should either implement a proper DRM solution that verifies hardware support for DRM or send “View Once” messages only to primary mobile devices to address this issue. Until the flaw is fixed, users should be cautious about the privacy of their “View Once” media.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and