"The View Once feature enables users to send photos, videos or voice messages that disappear from the chat after they have been viewed by the recipient. In addition, View Once is designed to prevent users from saving, forwarding, or taking screenshots of the content before it disappears."
"The exploit involves the use of a modified WhatsApp client. Be'ery pointed out that an attacker could also leverage a browser extension and WhatsApp Web for mass exploitation."
"WhatsApp owner Meta has been informed about the vulnerability, but the company indicated it would not patch it. The vendor informed the researcher that the issue falls outside of its security model and is not covered by its bug bounty program."
WhatsApp's View Once feature allows users to send disappearing photos, videos, and voice messages that cannot be saved, forwarded, or screenshotted. Researcher Tal Be'ery has discovered four bypass methods over several years, with the latest involving a modified WhatsApp client or browser extension. Previous vulnerabilities were patched by WhatsApp and earned bug bounties. Meta has been informed of this latest bypass but declined to patch it, stating the issue falls outside their security model and is difficult to prevent entirely, as users could capture content through alternative means like photographing with another device.
#whatsapp-security #view-once-bypass #vulnerability-disclosure #modified-client-exploit #meta-security-policy
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]