Another vulnerability of the multiplatform WhatsApp application

OKsystem news

January 7, 2020

Mobile WhatsApp could be dropped by a malicious message in the web browser version (ie WhatsApp Web).

Using WhatsApp Web in the browser, it was possible to send a malicious message to the group conversation, which caused the crash of all connected mobile clients for iOS and Android. The information was provided by, which also said that after finding the WhatsApp bug, of course, it was immediately repaired for both platforms.

Our BabelApp application intentionally does not offer the possibility of running the application in the browser version - it presents a number of dangers. Most of such applications are only thin clients, which means that the data is not stored locally, but on a server. Our servers do not store encryption keys for clients and never will - the keys are stored only on client devices, which ensures the best possible security. In addition, in some browsers, the server (attacker) may receive information from another tab / window. Which is a completely different kind of vulnerability / attack that is completely out of our control. With our current application, everything is developed, managed and set up in the best possible way we can keep user data safe.

More detailed description of the WhatsApp vulnerability:

Back to list