Flaw in WhatsApp Security Revealed

A security flaw in WhatsApp could enable a hacker to spy on a private group chat, warn researchers.

The vulnerability means that anyone with access to WhatsApp servers can join a private group or insert someone without the chatroom administrator’s permission.

The findings from researchers at Ruhr University in Germany point out that sensitive conversations including those by women MPs at Westminster discussing sexual harassment could be infiltrated by an outsider.

Also, once a hacker accesses a group they then have the phone number of each group member and will automatically share secret keys and have access to all future messages.

The researchers say that for any users who are looking for absolute privacy in their group chat should sign up with encrypted app Signal or restrict their WhatsApp use to simply sending private messages.

The researchers also called on WhatsApp to introduce a new authentication mechanism for any new invitations to a group.

Mobile app growth is slowing down

Researchers at Flurry say that the growth in global mobile apps is slowing down even though smartphone users are still spending more than five hours every day using their device.

Now the firm says that apps need to build-in daily usage habits in a bid to boost growth.

Flurry has now measured app activity growth and found that in 2016, the number of sessions grew by just 6%. In 2015, growth was 11%.

They have tracked more than 1 million apps across more than 2.6 billion devices for their study.

Also, there are big changes in how people use apps; for shopping, use grew by 54% as consumers continue to move their spending online with media, music and entertainment coming a close second with 43% growth.

The steepest decline was seen by lifestyle apps which fell by 40%. Gaming also fell again with a decline measured at 15%.

‘Open Banking’ sparks security fears

New rules imposed from 13 January mean a revolution is about to hit the finance world.

That’s when we will get more power over the data that banks hold about us.

The aim is to boost competition and help us save more money.

However, industry experts say that the growing use of banking apps is creating a big security concern with crooks able to carry out more bank transfer scams.

The rules have been introduced by the European Union so banks and building societies must now allow developers of web and mobile phone apps to plug into the user’s current account data if the customer gives them permission.

Flashlight apps hit by malware

Researchers have revealed that malicious adware has infected more than 22 flashlight apps which have been downloaded between 1.5 and 7.5 million times.

The malware has been tagged as ‘LightsOut’ and will generate ad revenue secretly for its developers.

The malware will bombard constantly the phone’s user with pop-up ads that must be clicked before they can use their device.

The apps are found on Google’s Play Store and after they have been launched, the app hides its icon on the main screen so it is more difficult to find and then uninstall the app.

Child-friendly apps hide malware

Researchers say they have found more than 60 child-friendly apps that are hiding malware designed to rob mobile phone users or display pornography.

The apps are available from Google Play Store and, security firm CheckPoint says, the apps have child friendly themes including ‘Fidget spinner for Minecraft’. They’ve called the malware AdultSwine and Google now says it has removed the apps from Play.

In other mobile phone app news …

Some of Apple’s biggest investors are calling on the firm to limit how long children can use apps and its smartphones. The call has been welcomed by academics who say that imposing restrictions will help youngsters.

Russian smartphone users are being warned over malware that will access their banking text messages to enable criminals to intercept bank security codes. They can then use the codes to access and reset bank account passwords and empty the bank account itself. The malware is dubbed as ‘FakeBank’.

Search and Mobile enthusiast, like to tinker in apps, machine learning, big data and currently Python.