|
AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages! You are not logged in. Login here for full access privileges. |
| Previous Message | Next Message | Back to Slashdot <-- <--- | Return to Home Page |
|
||||||
| From | To | Subject | Date/Time | |||
|
|
VRSS | All | A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Number |
November 18, 2025 9:20 AM |
||
Feed: Slashdot Feed Link: https://slashdot.org/ --- Title: A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers Link: https://yro.slashdot.org/story/25/11/18/14592... Researchers at the University of Vienna extracted phone numbers for 3.5 billion WhatsApp users by systematically checking every possible number through the messaging service's contact discovery feature. The technique yielded profile photos for 57% of those accounts and profile text for 29 percent. The researchers checked roughly 100 million numbers per hour using WhatsApp's browser-based app. The team warned Meta in April and deleted their data. The company implemented stricter rate-limiting by October to prevent such mass enumeration. Meta called the exposed information "basic publicly available information" and said it found no evidence of malicious exploitation. The vulnerability had been identified before. In 2017, Dutch researcher Loran Kloeze published a blog post detailing the same enumeration technique. Meta responded then that WhatsApp's privacy settings were functioning as designed and denied him a bug bounty reward. The researchers collected 137 million U.S. phone numbers. In India, they found nearly 750 million numbers. They also discovered 2.3 million Chinese numbers and 1.6 million Myanmar numbers, despite WhatsApp being banned in both countries. The researchers analyzed the cryptographic keys and found some accounts used duplicate keys. They speculate this resulted from unauthorized WhatsApp clients rather than a platform flaw. Read more of this story at Slashdot. --- VRSS v2.1.180528 |
||||||
|
||||||
| Previous Message | Next Message | Back to Slashdot <-- <--- | Return to Home Page |
|
Execution Time: 0.0133 seconds If you experience any problems with this website or need help, contact the webmaster. VADV-PHP Copyright © 2002-2025 Steve Winn, Aspect Technologies. All Rights Reserved. Virtual Advanced Copyright © 1995-1997 Roland De Graaf. |
