WhatsApp quietly added a new encryption mechanism to make it increasingly difficult for anyone to access data uploaded to iCloud Drive, Forbes has revealed.
Aside from iCloud’s existing protection, hackers will now have to deal with WhatsApp’s new encryption keys, which protect backup files.
Last year, WhatsApp introduced end-to-end encryption of communications, which benefited over a billion users across the globe. However, federal agencies and hackers could still access the data by hacking into iCloud servers and downloading dumps.
WhatsApp responded in November of last year by adding a new encryption key for data uploaded to iCloud servers. If a user decides to back up data to iCloud, WhatsApp sends the user a verification code which he/she needs to type in to generate a unique encryption key. This key is then used to encrypt data uploaded to the iCloud Drive.
This way, WhatsApp has added a unique encryption mechanism which protects user data even if government agencies or hackers get past Apple’s iCloud protection.
Oxygen Forensics, a supplier of mobile and cloud hacking tools, has claimed that it can circumvent the latest encryption mechanism to access user data. However, it cannot do so by simply downloading data dumps from iCloud Drive. To be able to access encrypted data, the firm requires a SIM card with the same number as the one which it intends to hack, along with the associated Apple ID and password. This way, the firm will be able to access the verification code sent by WhatsApp to that particular number to generate the key and decrypt downloaded data.
WhatsApp’s new encryption mechanism seems to be working, for the FBI has not been able to hack into more than 3,000 mobile devices using current tools in the first half of the current fiscal year. According to former FBI director James Comey, who has since been fired by Trump, ‘this figure represents nearly half of all the mobile devices the FBI attempted to access in that timeframe.’
The news follows the disclosure in January that a WhatsApp encryption vulnerability could have enabled messages sent using the service to be intercepted. According to Tobias Boelter, a researcher at the University of California, because of WhatsApp’s policy to force the generation of new encryption keys for offline users, senders had to re-encrypt undelivered messages with new keys before sending them again.
This meant that any hacker could register the receiving number with the WhatsApp server and read the resent, re-encrypted message. “The potential for governmental abuses from this misuse of encryption with WhatsApp is alarming,” he said.
“This is a serious vulnerability – WhatsApp needs to know how keys are protected in order to keep the global communications of over a billion users safe and private. This potential gap in security is a reminder for businesses of the power of cryptographic keys and how a lack of knowledge regarding their use can have serious consequences. Systems need to be in place to protect and change keys quickly, as and when needed,” he added.