They said that despite WhatsApp’s end-to-end encryption, third-party spyware – Pegasus – found backdoor entry for hackers to snoop on users. Rival apps could face the same security threats.
While WhatsApp is the leader among chat apps, with 1.5 billion global users –400 million of them in India, Russia-headquartered Telegram has 200 million users globally, and Signal has more than 10 million.
Telegram and Signal record a spike in users whenever there is a security breach or global outage with WhatsApp. Unlike WhatsApp and Apple’s iMessage, Telegram conversations aren’t encrypted end-to-end by default. Instead, users have to select the “Secret Chat” feature for an extra layer of security. But even that does not ensure privacy.
Recent research at the Massachusetts Institute of Technology (MIT) in the US listed striking flaws in Telegram – founded in 2013 by brothers Nikolai and Pavel Durov. Telegram uses its own proprietary messaging protocol called MTProto, which lacks scrutiny from outside cryptographers, the report said.
“This means that if an adversary is able to gain control of their server system, they will have access to (at least) unencrypted messages and definitely to all the metadata,” wrote MIT researchers Hayk Saribekyan and Akaki Margvelashvili.