Can WhatsApp be Hacked? How to Secure your WhatsApp Account?

This post is not about ‘How to Hack WhatsApp Account’ or how to use some WhatsApp Hacking tool to intrude someone else privacy. But, this article is about how WhatsApp can be hacked and what can we do to secure it.

So please be a mature reader and don’t ask me ‘how to hack your boyfriend/girlfriend WhatsApp account. (Yes, I do get emails like that). My intention is to create awareness so that you can prevent your WhatsApp from getting hacked. Now that being said let’s get started.

whatsapp

Is it really possible to hack WhatsApp

Well theoretically Yes, There is nothing like 100% security in the world. Almost any system can be hacked, any security can be breached and any encryptions can be cracked. When we say how secure is this system, it actually means is —

How much time and resources will it take to hack the system?

So what ‘WhatsApp’s security team’ do is, they increase the level of security to an extent, that hacker has to spend a huge amount of resources and time to hack WhatsApp. And trust me, the security is strong enough, to stop any average joe from hacking WhatsApp.

So if you WhatsApp account is compromised, it’s more likely that the suspect has access to your device. Hacking WhatsApp conversation wirelessly is not possible.

There are a few WhatsApp hacks tool like WhatsApp Sniffer or methods like spoofing mac address which claims to Hack Whatsapp conversation. So I decided to test them out and find out if they really work or not.

1. WhatsApp Hack: Read chats from locked WhatsApp

[Update: This workaround do not work after recent WhatsApp update]

If you believe locking your WhatsApp with a password, makes it secure then you are wrong. Even after locking WhatsApp with AppLock, one can read all your chats easily. All they need is access to your device for a minute.

How it’s done?

The logic lies behind this is, WhatsApp takes daily backup of all your conversation, And if you can get the backup, you can read the chat. Now there is 2 way to get the backup.

First by finding the backup file using the file manager and then send it to other device using Bluetooth. But this file is encrypted. But thankfully this can be extracted. How this can be done, is beyond the scope of this article but interested ones can read this thread on Xda developer.

(/sdcard/WhatsApp/Databases/msgstore.db.crypt)

Second, method is my favorite which I accidently discovered while I was testing some other app. By using auto backup apps like backup text for WhatsAppone can directly email all the WhatsApp chat in plain text.

whatsapp hacked using backup whatsapp

All you need to do is take your friend’s phone, install this app, take a backup, and then send it and once you are done uninstall the app. All this can be done in less than a minute while the WhatsApp is locked with a password. Video demonstration

How to prevent it?

Block the access to file manager and lock the play store and settings as well and make sure you don’t allow installation from unknown source by going to setting > device security.

Related: How to block Adult content on Android 

2. WhatsApp Hack: Read all Messages with WhatsApp Sniffer

This application claims to read all the chats taking place over the same WiFi network.

How does it work?

WhatsApp sniffer was once available on PlayStore but was soon removed after the detection it’s vulnerability to WhatsApp. It uses ARP request to spoof all the messages.

Back then WhatsApp messages were simple plain text, so anyone could read it. But not now, from August 2012 onward WhatsApp has started encrypting its messages.

How to prevent it ?

I often see people asking whether WhatsApp sniffer still works.  I asked the same question on several forums and got the same answer. NO, WhatsApp sniffer no longer works. However,  if someone outside your circle is anxious to use your WiFi then be careful.

3. WhatsApp Hack: Spoof MAC address on android

Many forums have now verified its working.

How does it work?

Every device has a unique mac address and WhatsApp uses it to verify that you are not using WhatsApp on two different devices with same no. So if the hacker is able to spoof mac address than he will be able to see all yourWhatsAppp activity.

How to prevent it?

Unfortunately, there is nothing much you can do. But this WhatsApp hack can’t be performed by a normal user.

It requires rooted phones and deep knowledge of commands, in short, advanced computer skills. So unless you are having some very interesting WhatsApp conversation, no one is going through that much trouble.

4. Whatsapp Hack: Using third party spyware

There are some websites like bossay, zealspy, mSpy and other third party spyware which claim to hack WhatsApp conversation. Although I have never used these apps, however from what I have read, they are yet another WhatsApp Hack Scam.

Apps like this are paid and often require you to install a small piece of software on the victim’s device. Not to forget, there is no guarantee that it will work even after that.

For instance, mSpy is a parental app that claims to track the victim’s calls, text messages, WhatsApp chats etc.

 

whatsapp-hack-with mSpy

5. Whatsapp Hack: Using WhatsDog

So apparently there is a new kid in town, calledWhatsDog. Although this application is far away from hacking WhatsApp. However, I found it little creepy.

WhatsDog (not available)-  can track anyone’s WhatsApp activity, all you need is their phone number. To get started, you have to enter the phone no. of the victim and the app register it for tracking.

Over timeWhatsDog keep an eye on the victim’s WhatsApp usage and maintain a report. UsingWhatsDog, one can find out when a person is online, how often are they online, analyze their WhatsApp usage by preparing charts and calendar.

Video tutorial: How to spy on WhatsApp’s contact usingWhatsDog

Update: WhatsDog is no longer available on PlayStore but you can still found them on the internet, though.

How to stop it?

Sadly, there is no way to stop WhatsDog. Since it’s not doing anything that goes against WhatsApp t&c. If you don’t want people to see your last seen or online activity then turn it OFF by going to your WhatsApp privacy setting. But then you won’t be able to see others time stamp as well.

6. Spy on WhatsApp conversation with Airdroid

Airdroid is a popular android app that connects your Android with your PC. But it in its recent update it has released an awesome feature that mirrors your Android screen to a computer. Now you may wonder, how this can be used to hack your WhatsApp conversation?

How does it work?

The suspect may take your Android for a minute. Install Airdroid or if you have already installed (s)he will login to his or her account. Now they can mirror your Android screen from their computer. No authentication require. Users will see no notification. See the gif below:

Update: You don’t need Airdroid desktop client to mirror Android screen on the computer, now this can be done on Airdroid web interface. See this video for detail breakthrough. And the best (or should I say worst) part is, there is no screen mirroring notification on the victim’s phone. In simple words, they won’t be able to tell if someone is mirroring their screen.

how to hack whatsapp conversation using airdroid

If you using WhatsApp on your computer using an Android emulator like bluestacks, then you should know that same thing can be done with apps like chrome remote desktop.

How to stop it?

If you suspect, that someone is hacking your WhatsApp then go through all the install apps. If you find something suspicious, uninstall it. Try anti-virus if you want. Check apps permission using x-privacy. And never give your device to someone whom you don’t trust.

7. Spying on WhatsApp using WhatsApp Web

So, last year, WhatsApp introduced WhatsApp web. a web service that lets you send and reply to your Whatsapp messages from your computer. I’m sure most of you are already using it on daily basis as well.

But do you know, it also comes with a security flaw. Since you can use WhatsApp web and WhatsApp from your smartphone, both at the same time, imagine what happens if someone is spying on your WhatsApp activity using this service. All they have to do, is quickly scan your WhatsApp QR code when you are not looking, and that’s it, now they can see your entire WhatsApp conversation in real time.

And it’s no surprise to see many Android apps with names like WhatsApp Web spy already popping up on Google play store. and all they do is, use a web wrapper for web.whatsapp.com. In simple words, what results you were getting from WhatsApp web on the desktop, these apps help you get the same thing on mobile.

In fact, you don’t even need an app for this, simply open the chrome browser on your phone and turn on the Desktop mode, and now use it in the similar fashion like you would have used in the desktop mode.

See the following video.

How to Stop it?

If you suspect someone is secretly spying all your WhatsApp conversation using WhatsApp web, then here is how to confirm it. Open Whatsapp on your smartphone, tap on the 3 vertical dots on the top right and tap on WhatsApp web, a new window will open, here see the list of last used clients, if you don’t recognize it, then chances are someone is spying on you. To get rid of it, tap on Log out from all computers.

Whatsapp-web

 

Wrapping Up

WhatsApp is secure if the device stays in your hand. To remotely hack WhatsApp, the hacker has to put a lot of efforts, which (s)he is not going to do just to read your spicy WhatsApp chats. Admit it, you are not that interesting after all.

However, if the intruder can get a physical access to your phone, then they can easily monitor your conversation with WhatsApp web or screen mirror tools like Airdroid. But, then again, if someone has physical access to your stuff, then there is nothing you can do to stop them, it’s not just limited to WhatsApp, the security of WhatsApp is not in question here.

Also, WhatsApp’s developers are no fool. They have spent a significant part of their life making and testing this application. And even if there is even a small probability of error, it gets fixed asap. Imagine there is a tutorial to hack WhatsApp, and developers are not even aware of it. Sounds funny, Right?

However, you should be worried if you are involved in some serious conspiracy. Are you?

About Mrinal Saha

Mrinal is a tech geek who spends half of his day reading and writing about tech. While the nights are spent on shooting or editing YouTube videos. Feel free to geek out with him on-