Security vulnerability: WhatsApp chats unencrypted on the Internet


Level 37
Thread author
Top Poster
Feb 4, 2016
The Munich-based startup Zapptales has developed a business model in which users can turn private chats from services such as Facebook Messenger, Telegram, Threema, iMessage or Whatsapp into a bound book that they can then give away to friends, relatives or partners. In contrast to a classic photo, the Zapptales book contains not only images but also the desired message history. We reported on this.

Vulnerability in Zapptales database​

To create the chat books, Zapptales provides an app that users can use to upload their private conversations. The security experts from Zerforschung have found a serious security hole in this app. As can be seen from a report that was sent to the Federal Office for Information Security (BSI) and the responsible Bavarian state data protection supervisory authority and is available to Spiegel, attackers would have chats, chat media and the complete PDFs of the Zapptales books via this gap can see.

69,000 customer data at risk​

The addresses and email contact details of a total of 69,000 Zapptales customers were also visible due to the security gap. According to research, the access by third parties was caused by a mistake by the app developer. They had accidentally written the access keys to the databases containing customer data into their web application.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.