Elon Musk makes fun of WhatsApp security; claims that he’ll never use it

Among the dozens of controversial tweets posted by Elon Musk, one caught the attention of cybersecurity professionals and enthusiasts last Thursday. Musk tweeted a picture with all versions of the robot arm emoji, all available on major messaging platforms; in the text of the post, Musk wrote: “The last one includes a free phone hack.”

The billion-dollar-man comment referred, in a mocking tone, to the version of the robot emoji available on WhatsApp, Facebook-owned messaging platform and roasted due to the constant finding of security flaws.

As multiple cybersecurity firms reported, a couple of weeks ago a forensic analysis concluded that the iPhone of Jeff Bezos, CEO of Amazon, was hacked by using WhatsApp, thanks to the sending of a video loaded with malware from Mohammed bin Salman’s account, crown prince to the Saudi throne. The investigation determined that this attack allowed the extraction of large amounts of sensitive data from Bezos’ device.

Of course, this was not the only security incident reported on WhatsApp during 2019. At least 12 critical vulnerabilities were found on the messaging platform over the past year, an average much higher than the 2 or 3 security flaws discovered in the past 4 four years.

Security errors are not the only threats faced by WhatsApp, as the platform has also been targeted by various cyberattacks, such as the one that occurred in May 2019, when a group of threat actors managed to install spyware on the smartphones of hundreds of users. After a cybersecurity analysis, the company concluded that an “advanced hacker group” was responsible for this attack, which compromised sensitive information such as usernames, messages, files, and location data.

According to the International Institute of Cyber Security (IICS), WhatsApp has been the most widely used messaging platform for years, making it a primary target for attackers looking to compromise as many users as possible, so it is vital for the company to detect potential security flaws in time.