A recent report suggested that WhatsApp was riddled with security flaws that could potentially make it very easy for a hacker to read messages stored on a phone’s microSD card. The company, which is in the midst of being acquired by Facebook for $19 billion, recently responded to the report addressing the alleged security flaws.
“We are aware of the reports regarding a security flaw,” a statement obtained by TechCrunch reads. “Unfortunately, these reports have not painted an accurate picture and are overstated. Under normal circumstances the data on a microSD card is not exposed. However, if a device owner downloads malware or a virus, their phone will be at risk.”
The company said it recommends that users make sure that their software is always up to date – the latest version of WhatsApp included some security fixes, for example – and that you don’t download potentially malicious apps to your phone from unknown sources. As TechCrunch notes, however, it simply appears that WhatsApp is placing the blame on other, more malicious apps, that could attack its software. It should also be able to close off those microSD vulnerabilities on its own. It’s not clear if the latest update does that.
Any and all flaws with WhatsApp are going to be scrutinized by the industry, particularly because of how much money Facebook is dropping on the service, which has 450 million monthly active users and just around 50 employees.