Share LinkedIn Twitter Facebook Security researchers at Praetorian, who have been running a project known as Project Neptune to assess the security of mobile apps, did a limited assessment of the iOS and Android versions of WhatsApp and discovered a number of issues around the way the app uses SSL. “Within minutes, Project Neptune picked up on several SSL-related security issues affecting the confidentiality of WhatsApp user data that passes in transit to back-end servers. This is the kind of stuff the NSA would love. It basically allows them—or an attacker—to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic. These security issues put WhatsApp user information and communications at risk,” Paul Jauregui of Praetorian wrote in an explanation of their test.
About PraetorianPraetorian is a cybersecurity company whose mission is to make the digital world safer and more secure. Through expertise and engineering, Praetorian helps today’s leading organizations solve complex cybersecurity problems across critical enterprise assets and product portfolios. At Praetorian, we are bringing together the world’s security expertise to solve the cybersecurity problem and secure the next-wave innovation. Who We Are