A French computer engineer has discovered a bug on WhatsApp that allows you to find out who a phone number belongs to
A French computer security expert has discovered a WhatsApp bug that allows you to get the phone number of famous people. Tristan Graniet, this is the name of the expert, managed to find out the phone number of French politicians, simply starting from a vCard, an electronic business card that can be sent by phone and uploaded to your address book.
Tristan Graniet discovered the bug while testing Operative Framework, a program developed by the same French engineer and that allows you to create random phone numbers. Once the numbers are generated, they can be uploaded in vCard format to your smartphone's Contacts app. Added to the address book, we will also find them on WhatsApp. Even if we don't know their name, we have a very useful piece of information: their profile picture. Using an ad hoc program, you can download the profile pictures of all new contacts and search for the name of the person on Google Images. A somewhat complicated technique, but one that highlights how privacy on messaging apps is always in danger.
Personal information on WhatsApp is in danger
The bug uncovered by the French computer scientist once again highlights WhatsApp's weaknesses from a cybersecurity perspective. Already a couple of months ago we told you about the scam that exploits "profile picture" to ask people you don't know for money to borrow. The ploy is very simple: you download the profile picture of an acquaintance and create a new account on WhatsApp using the newly "stolen" image. At this point you contact his friends, asking for a few tens of euros in loan because you are living a difficult situation and you were forced to change even phone number.
The bug uncovered by Tristan Graniet is even more serious. A simple program that generates random numbers is enough to get the phone number of famous people. Once you have downloaded the profile image from your WhatsApp account, you can use the reverse function of Google Images to find out who the person in the picture is. The ploy could also be used by stalkers to find the number of their victims.
Facebook glosses over the incident
Thomas Graniet contacted Facebook explaining the bug uncovered on WhatsApp. After a careful analysis, the technicians of the company of Menlo Park have replied that for the moment they have no intention to intervene, since they do not consider the bug fundamental for the commercial development of WhatsApp.
It must be said, however, that the same bug was found more than two years ago on Facebook. By entering a random phone number in the search bar, it was possible to find out who it belonged to. After some time, the engineers intervened and eliminated the possibility to search using the phone number
.