WhatApp has always had security holes. The social messaging app, to its credit, has regularly processed them. And once again, WhatsApp must do its firefighting job well, as an independent Indian cybersecurity researcher and bounty hunter has made the serious claim that many WhatsApp users' mobile numbers are available through a simple Google search. But for now, Facebook, which owns WhatsApp, has denied this, saying that search results only reveal what users have chosen to make public anyway. The researcher, Athul Jayaram, claimed that the WhatsApp web portal had revealed between 29,000 and 300,000 mobile numbers of plaintext WhatsApp users accessible to any plaintext user. "Affected users are from the US, UK, India and almost every other country. What makes it easy or seems simple is that the data is accessible on the open web, not on the black net," he says. Jayaram. Jayaram says a bug in WhatsApp's Click to Chat feature was jeopardizing the phone numbers of users of the social messaging site by allowing Google Search to index them. Click to chat allows users to start a WhatsApp conversation with another user without storing their phone numbers in the sender's address books. This allows websites to interact with their visitors without the visitor dialing the phone number.
Remember when WhatsApp groups were available on the internet using Google search? Well now the phone numbers are: pic.twitter.com/lYC8ACV7oW7 June 2020
Messages can also be filtered
Facebook removed the functionality to search for users with their phone numbers a year ago due to a privacy risk and a phone number leak. But a few days ago WhatsApp launched a new feature where friends can add you to their list by scanning a QR code. Jayaram says that the phone numbers of those who use this feature to connect to websites may appear in Google search results as the search indexes the feature's metadata. He says that users' phone numbers are visible in plain text in the URL: https://wa.me/Google this - site: https: //t.co/lQejnYDjvs "+91" You will end up with thousands of @WhatsApp numbers that, I suppose, should not be available to the public. Wondering if @Whatsapp will fix it or keep it that way on purpose? Fun fact, it works for almost all countries. ? pic.twitter.com/g8MtotmxW5 June 7, 2020