Deleted WhatsApp chats can still be read, security researcher warns


WhatsApp isn't actually deleting the messages you send to the archive, according to a security researcher.

On Apple devices the app stores a "forensic trace" of all chats, be them "deleted, cleared, or archived", Jonathan Zdziarski found. This means that instead of disappearing from the device as you'd expect, a trace of the chat remains in the phone. And that trace could be reconstructed into its "original form" by someone with access to the device.

It would be reasonable for WhatsApp users to expect message history to disappear from a phone when a conversation is deleted, especially given WhatsApp's focus on privacy and security: the app recently introduced end-to-end encryption.

But instead of properly deleting messages, the app retains a memory of chats that could be recovered using forensic tools by law enforcement or anyone else with access to the device.

Make a Comment
Make a Comment