The described weaknesses enable attacker A, who controls the WhatsApp server or can break the transport layer security, to take full control over a group. Entering the group, however, leaves traces, since this operation is listed in the graphical user interface. The WhatsApp server can therefore use the fact that it can stealthily reorder and drop messages in the group. Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members. Additionally the WhatsApp server can forward these messages to the members individually such that a subtly chosen combination of messages can help it to cover the traces.As respected cryptography expert Matthew Green explains, the attacks are difficult to pull off successfully, and "nobody needs to panic." Nonetheless, that doesn't mean that the problem should be ignored. Green told Wired that "It's just a total screwup" and described the flaw as "eminently fixable." In their technical paper, the researchers recommend that group management messages are signed so they can be properly authenticated:
In order to ensure that only administrators of a group can manipulate the member set, the authenticity of group manipulation messages needs to be protected. This can be achieved, for example, by signing these messages with the administrator’s group signature key.Even though typical WhatsApp users may not lose too much sleep about this particular attack, it may certainly be a concern for journalists and whistleblowers who might have been attracted to WhatsApp in the misguided belief that it delivered total security and privacy. A WhatsApp spokesperson confirmed the researchers' findings but reiterated that chat group members would be notified if new parties were added to a conversation:
We've looked at this issue carefully. Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user. The privacy and security of our users is incredibly important to WhatsApp. It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted.That response may be technically accurate, but I think most WhatsApp users would expect a group chat's membership to be controlled by the group's administrator - and not something that could be manipulated by an unauthorised party. Let's hope that WhatsApp responds appropriately to the researchers' findings and plugs this security hole before the threat evolves from being purely theoretical to real life. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.