WhatsApp is the most widely used messaging application and one of the company’s objectives is WhatsApp-to-take-drastic-measures-to-improve-the-privacy-of-users-what-is-it-about-20220416-0021.html ” target=”_blank”> improve privacy due to the growing concern of users. However, in recent days it was discovered a bug recently in the WhatsApp-prepares-a-long-awaited-update-for-your-status-20220429-0049.html” target=”_blank”>status section that allows knowing the location of a user through a trick.
Until now, there were different ways to get the most out of the platform owned by Meta to get to know information from other users: read the new messages sent by other users without them knowing, and you can even know WhatsApp-so-you-can-know-how-many-times-a-contact-saw-your-status-20220410 -0027.html” target=”_blank”>who sees your statuses, or “snoop” another user’s statuses without them knowing. But now, thanks to a hole in the states that allow knowing where a user is in a subtle and accurate way.
The states came to WhatsApp, inspired by Instagram Stories, which in turn were an imitation of Snapchat. However, what should be a way to temporarily share trivia with friends can be a trap if used with malicious intent.
The specialist Gaspar Cano warned, in a blog post the evil side from Chema AlonsoSpanish hacker, who with the use of links in the states it is possible to geolocate a contact on a certain moment.
For those who have never used it, since they are not one of the most popular functions of WhatsApp, the statuses can be videos and images with elements such as text or links that are shared through the user’s profile image. They have an expiration date of 24 hours and each one can adjust which contacts they allow access to that publication.
However, as they explain in the publication, unlike what happens on Instagram, on WhatsApp it is possible to see a detailed summary of the people who viewed a Statusalong with the exact time it was done.
Combining this information, with a link to a website capable of capturing the visitor’s IP address, it is possible to record the geo-positioning information of those people who access the website. By crossing the location data with the visit time information reflected by WhatsApp, it is possible to determine which visitor corresponds to each location.
Yes ok this requires some computer skills that not everyone has, however demonstrates once again the dangers that can lie behind a simple link.
Redirecting contacts to a website other than WhatsApp, the hacker can create what is known as a table in MySQL for the purpose of storing personal information such as the geolocation of the IP addresses of visitors. That is, a database on the IP address of those who enter the web from WhatsApp.
With those IP addresses, they know the location of the person. Other details such as the internet provider the person uses, whether they use a mobile network or a fixed connection can also be collected.“exposing the browsing privacy of contacts in a way neither authorized nor requested,” Cano stressed.
Recommendations to prevent them from knowing your location on WhatsApp
Cano considered that the company should “make status access logging less ‘verbose,’ and make it more Instagram-like.” For an app that protects its messages with end-to-end encryption, giving so much detail about what other users are doing seems counterintuitive.
On the part of the users, certain measures can be taken, such as disable read receiptsa very simple trick to prevent the person who published the status from knowing that you have consulted it. Another option is to use a VPN that protects browsing dataamong which is geolocation and prevents websites from knowing that information.