WhatsApp has been attacked by spyware recently. It allows the attackers to control a user’s cellphone remotely. Nevertheless, the BBC reports that the WhatsApp end-to-end encryption feature is still functioning.
If this is true, cyber criminals cannot read any messages they tap when they attack WhatApp. Thus, the WhatsApp Spyware attack could be minimized.
However, there are several warnings. The message can be read before it is encrypted or after it has been decrypted. That means any spyware dropped by an attacker can read the message.
It could be happen because WhatsApp provides an option to back up chat to Google Drive or iCloud, but the backup copy is not protected by end-to-end encryption.
Attackers can access the old chats if they enter a cloud storage account. Of course, even if the user decides not to back up the chat, the person they ordered can still upload a copy to their cloud storage.
End-to-End Encryption for WhatsApp Spyware: Not a Gimmick.
On May 14, 2019, the Bloomberg news site has published an opinion article that calls WhatsApp encryption is only a gimmick. Unfortunately the cyber security experts have a different point of view.
“I don’t think it’s helpful to say end-to-end encryption is useless just because vulnerability is found sometimes,” Dr. Jessica Barker from cyber security company Cygenta, as reported by the BBC website, Thursday (05/16/2019).
“Encryption is a good thing that gives us protection in many cases,” Jessica added.
End-to-end encryption makes it difficult for attackers to read messages on WhatsApp.