German police can see anyone’s WhatsApp messages at anytime, German media reports

Security measures in messaging platform WhatsApp are being questioned again. Computer forensics specialists mention that the German Federal Criminal Agency (BKA) has been able to access the messages on the platform, protected with end-to-end encryption. The reports, issued by anonymous sources for the Regard News platform, ensure that the authorities do not require the use of malware, so they would have found a way to evade the encryption that protects chats.

It should be remembered that WhatsApp is the most popular instant messaging application in the world, with more than one billion active users worldwide. In addition, computer forensics experts mention that end to end encryption makes it impossible for a third party to access the conversation between two users.

At the moment the informants have not added more details, except that the hack is possible thanks to the use of WhatsApp Web, the version of the platform for desktops; however, some experts believe that it could be something much simpler than it appears. In this regard, a representative of the federal agency simply added that “the German authorities cannot share sensitive details about their methods of criminal investigation with the public.”

One of the sources mentions that the federal agency has been exploiting this flaw on WhatsApp Web practically since its launch, when it was used in the “Christmas Market” terrorist attack. Computer forensics experts mention that, if the reports are real, this activity is not even considered illegal by the authorities in Germany, since their laws allow trace suspects of serious crimes through their telecommunications.

If it is confirmed that the German government is able to avoid end-to-end encryption, WhatsApp would suffer a catastrophic blow, as this measure is touted as one of the most advanced information protection mechanisms and it is only possible to break its security with highly sophisticated spying malware and only within reach of terrorist groups or world powers.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.