Whatsapp: a vulnerability detected

Whatsapp: Detected a vulnerability in WhatsApp that allows you to monitor the sleep habits of their users. a vulnerability in WhatsApp allows you to access the log of our activity. Although it is not serious gives us the importance of the privacy of the apps in our smartphones.










An engineer of ‘software’ has detected a vulnerability in the messaging application WhatsApp, through which it is possible to know information about your activity using the indicator ‘In-line’ of the ‘app’. To this end, has developed an extension for the Google Chrome browser which is able to monitor the activity of other users.



The engineer ‘software’ Rob Heaton has published a ‘post’ in your personal web page where he details that WhatsApp allows its users to choose which people can see your last login in the application –all over the world, all their contacts or to nobody– but it is not possible to hide the status indicator ‘In-line’ which is displayed in real-time.



WhatsApp has some privacy settings. Users can choose whether to display your “last view” to the whole world, only your contacts, or nobody. Fortunately and of course, the default value for all configurations of privacy is to share everything with everyone, and few people think to play with it If WhatsApp is the first to open and last to close, you’re sold.





New post showing how to track an unsuspecting target’s sleep pattern (+more) using only their phone number+WhatsApp. https://t.co/4huvTP4sBg

— Robert Heaton (@RobJHeaton) 9 de octubre de 2017




Although it is not serious gives us the importance of the privacy of the apps in our smartphones On the basis of this vulnerability, Heaton has developed an extension for Google Chrome that, set up with the web version of WhatsApp, allows you to monitor and draw a graph of the routines of the application’s activity by its users, and thus obtain personal information such as the sleeping habits of the person.



Rob Heaton has raised in his publication a scenario in which an individual avails itself of this extension, configurable “with four lines of JavaScript”, to control the habits of use of WhatsApp of a person, and as well determine what their sleep schedules. Is more, the computer science engineer has managed to combine the monitored data of multiple users to determine whether these are in contact with each other.



The author of this Chrome extension has warned that this data could be sold to health insurers, and credit agencies, “both very suspicious with people who are awake at four in the morning.”



[anuncio_b30 id=1]






Whatsapp: Detected a vulnerability in WhatsApp to know the status online

This vulnerability is used to extract information of interest, which will provide the hacker the opportunity to track the daily routine of a person subject to surveillance, which is useful for insurance companies, credit or any type of research that have our mobile phone number.



Heaton found that when crossing data from two conversations in which it is possible to track the last time a user was on-line, you can determine exactly which of your contacts talk to that person.



The developer explained that it can determine the time duration of the communication, information of paramount importance to any kind of research.



Heaton raised up to where you would reach to exploit this vulnerability, assuming that a user is able to create a Chrome extension to sneak into this hole via WhatsApp Web to observe the activity every 10 seconds. It should be clarified that on the basis of this record only has access to the activity on WhatsApp, nor are there images or other data, but with a comprehensive follow-up can be estimated when the user goes to sleep or when you wake up, for example.



Which shows the engineer is that it would be very easy to create this extension, which would take advantage of the communication of WhatsApp with the browser, and that with only four lines of code and a standard computer it would access the information at once that could store.



Monitoring of a person on WhatsApp presents a different set of challenges for the follow-up of him on Facebook. Facebook sends data to your browser using direct HTTP requests that you can easily write a program to imitate. However, WhatsApp communicates with your browser using a protocol to Web Sockets is much more complex. You could make a Chrome extension to view and record the content of your activity web.whatsapp.com. With 4 lines of Javascript obtain the data.




[anuncio_b30 id=1]





// NOTE – Requires jQuery

setInterval(function() {

var lastSeen = $(‘.pane-header .chat-body .emojitext’).last().text();

console.log(Math.floor(Date.now() / 1000) + «, » + lastSeen); }, 1000);


You’ll need to connect to web.whatsapp.com in a computer. You set up the data and leave the Console of Chrome. Returns a few days later you see what a person has been doing. Copy and paste the console output of development and draws a pair of graphics very illustrative.



In addition to some interesting graphs of the patterns of use of WhatsApp with some users you can get patterns of conduct common questions what it is that makes you send so many messages for a few weeks, but almost none for others. You could get to know if two of your friends are secretly dating, according to Rob Heaton.




Whatsapp: Detected a vulnerability in WhatsApp and you can use it to see if two people have the same pattern.




With news like these is where we realize how important privacy is, now that we are always connected, thanks to our smartphone. We are geeks and geeks and we are techno-dependent. I at least the last thing before I go to sleep is to look at the Whatsapp. After reading the news.


Whatsapp: Detected a vulnerability in WhatsApp now I have adjusted my privacy in the app by excellence instant messaging my cell phone.







Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.