WhatsApp Knowingly Left Over a Billion Users Vulnerable — Is It Time to Change?

ODIN Blockchain
Sep 5 · 3 min read
ODIN aims to improve the world through a network of open source cooperatively built mobile applications with a focus on privacy and decentralization.

During a briefing at the annual Black Hat security conference in Las Vegas on August 7, researchers from Israeli security company Check Point revealed how Facebook-owned WhatsApp could be hacked to change the text of a message and the identity of the sender. If that sounds worrying enough, these vulnerabilities were revealed to WhatsApp last year but remain exploitable today. (Forbes.com)

Examining the Numbers

1 Year — The amount of time WhatsApp knowingly left their user-base vulnerable.

1,500,000,000–[1.5 Billion] Active users.

180 Countries hosting these active users.

23-The average number of times the average user checks WhatsApp daily.

29,000,000-[29 Million] Messages sent per minute by its user-base.

41,760,000,000-[41.76 Billion] Messages per day by its user-base.

1,252,800,000,000-[1.25 Trillion] Messages per month by its user-base.

15,242,400,000,000-[15.24 Trillion] Messages per year by its user-base.

Data provided by (99firms.com)

The numbers are staggering. 1.5 Billion users are checking an average of 23 times a day and sending a mind-blowing 29 million messages per minute, leaving more than 15.24 trillion messages susceptible to the vulnerability.

Researchers at security software company Check Point said in August last year that they had discovered ways in which a malicious actor could alter messages in WhatsApp, “essentially putting words in [someone’s] mouth”, and also change the identity of the sender of content in a group chat. (FT.Com)

Video Provided by Check Point exposing the WhatsApp vulnerability
WhatsApp was initially made aware 12 months ago as seen in the first published video. The second of which shows the vulnerability still active as recently as 4 weeks ago.

What vulnerabilities were exposed?

Sender Identity Manipulation — The vulnerability allowed for malicious parties to change who said what in a group text. Imagine someone you were conversing with said something unsavory; the vulnerability allowed for an ill intending third party to change the sender’s identity show as if you had sent out the not so choice words and the potential repercussions of such.

Message Text — Not only did the vulnerability allow for the identity of the “sender” to be manipulated, but the text in the message itself was also susceptible. In the video above, it shows the message content being changed to reflect modified financial terms in an employer-employee conversation, potentially leaving the employee in a position of strength should this be brought to arbitration or something of that nature.


Surely there are alternative messengers, right?

ODIN.Chat a Secure, Blockchain-Powered, Decentralized-Messenger

ODIN wants you to own your conversation. Having realized the impending doomsday scenario where massive leaks of personal data lead to real-world consequences, ODIN Blockchain decided to do something about it and built ODIN.Chat, a blockchain-powered, secure messenger with the end user’s privacy in mind.

Where do I find out more about ODIN.CHAT?

Discord Reddit Telegram ODIN Blockchain M.A.S.H. Odin.Chat

Read more about how to get Ø(ODIN) here.

Come on by our discord and @ [nondescript | ODIN] to have a discussion around the topics in this article.

ODIN Blockchain

Written by

Mobile app platform, built on $ODIN. We support and fund innovative community projects. https://odin.chat is our flagship privacy messenger app.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade