Meta’s WhatsApp recently faced scrutiny after a significant vulnerability in its “View Once” feature was discovered, allowing attackers to bypass its privacy protections.
This feature, designed to let users send media that can only be viewed once, was found to be easily exploited through modified WhatsApp Web clients.
Although Meta has now implemented fixes, the issue has raised concerns about the effectiveness of privacy measures and the trade-offs involved.
WhatsApp View Once Vulnerability
The “View Once” feature is intended to enhance privacy by preventing recipients from forwarding, sharing, or copying sensitive media.
However, according to researcher Tal Be’ery, the protection could be bypassed using browser extensions that slightly modify WhatsApp’s web.
These extensions ignored the “View Once” flag attached to the media and enabled recipients to save or redistribute it.
Leveraging 2024 MITRE ATT&CK Results…
