After the last week one million UDID Apple devices leak, mobile security took the spot light. One web developer is turning attention to a security risk regarding a very popular application “WhatsApp” for Android that could result in messages being intercepted or spoofed.
The application uses a phone number for a username and a modified version of the IMEI (International Mobile Equipment Identity) number as a password and those two numbers are rather easy to be obtained by hackers, and therefore can easily be used to hijack the account, and Information sent to the programmed number can be intercepted, including voice, text and images. Worse yet, since the information comes from another number, that second number can be intercepted and then hijacked.
And it worth mentioning that this flaw is in Application version of the Android only, the iPhone version of the app does not appear to have the flaw, but he isn’t sure whether the Windows Mobile and BlackBerry versions has the same issue.
Although this concerns has been a while now roaming the net, But WhatApp didn’t do anything yet to secure it application, so in the mean time people must be super careful when sending any kind of sensitive information on this Application, specially bank account information.