According to a new analysis from Mobile Security Framework (MobSF), WhatsApp falsely claims to be a highly safe service while advertising end-to-end encryption, a wealth of privacy options, and other security measures.
MobSF is a static and dynamic analysis-capable automated mobile application (Android/iOS/Windows) for pen-testing, malware analysis, and security assessment.
Its most recent analysis on WhatsApp demonstrates how high-risk Meta’s messaging program is, awarding it a C grade for security with a score of 39/100.
25 high-risk concerns and 94 medium-risk issues were found by the analysis. The majority of these concerns WhatsApp’s need for permissions and how much information the app might access on your phone.
For instance, the messaging app has access to both your GPS position and your coarse location, which the research claims may be exploited by malicious apps to determine where you are and drains your battery.
Additionally, it has the ability to read the identification and state of your phone, receive and process SMS, and display system-level notifications, which would enable malicious apps to completely take over the screen.
Down the list, there is a large list of high-risk permissions, such as the capacity to access the phone’s external storage or gather your full camera roll.
The report also advises against setting the app’s start mode activity to “singleTask/singleInstance” because this permits other apps to read intent, endangering sensitive data.
Numerous of these obvious problems were already mentioned in WhatsApp’s new privacy policy from the previous year, which compelled millions of users to transfer to different programs like Telegram and Signal. However, this latest investigation from MobSF also unearths extensive technical data.
To read our blog on “Mark Zuckerberg claims that WhatsApp is much more private and secure than iMessage,” click here.