A security expert has discovered a severe vulnerability in WhatsApp Messenger that allows to easily retrieve the conversations that were already deleted by the user and we all know that a security breach on the service like WhatsApp could do great damage.

Your WhatsApp Conversations Are Not Being Deleted Actually

As we all know that WhatsApp Messenger is a proprietary cross-platform, encrypted, instant messaging client for smartphones and it is one of the big success stories of the Facebook. The social media giant Facebook Bought WhatsApp in February 2014, WhatsApp’s founders attached a purchase price of $16 billion: $4 billion in cash and $12 billion remaining in Facebook shares. Hence, the WhatsApp Messenger never stops climbing success heights.

Suffice to say that a security breach on the service could do great damage. If the security researcher Jonathan Zdziarski has not found a way to totally destroy WhatsApp, yes the security researcher Jonathan Zdziarski has discovered a small specificity in the encryption of conversations that could undermine the privacy of our conversations.

This is what the security researcher Jonathan Zdziarski posted on his blog, usually the WhatsApp conversations which we delete from WhatsApp actually it never get erased from the phone memory. Yes, it means later the conversations can be recovered and reconstructed back into its original form.

As the application stores, an unencrypted version of every conversation and any hacker who may have physical access to the smartphone can easily retrieve the logs of messages exchanged.

The security researcher Jonathan Zdziarski stated on his blog that “To test, I installed the app and started a few different threads. I then archived some, cleared, some, and deleted some threads. I made a second backup after running the “Clear All Chats” function in WhatsApp. None of these deletion or archival options made any difference in how deleted records were preserved. In all cases, the deleted SQLite records remained intact in the database”.

Hence, the security researcher Jonathan Zdziarski explains that the problem is with the SQLite library of the application that does not automatically overwrite recent conversations once deleted by the user. For the moment, the problem has been identified on the iOS version of the app, but not yet tested on the Android version by the expert.

However, the security researcher Jonathan Zdziarski indicates that iMessage to Apple is also using the same library and therefore suffers from the same concern.