It has been demonstrated that a deliberate design decision for the WhatsApp messaging application created a vulnerable condition that could allow for entire conversations or calls to be intercepted. Exploitation of this condition would require a very highly skilled threat actor to access to WhatsApp servers in order to execute a man-in-the-middle attack.
Wapack Labs has reported on WhatsApp privacy in the past. An archive of related reporting can be found in the Red Sky Alliance portal.
TLP: GREEN
ACTOR TYPE: (V)
SERIAL: TIR-016-2017
COUNTRIES: All
REPORT DATE: 20170125