7 comments

[ 4.7 ms ] story [ 26.1 ms ] thread
The link should be updated to point to this URL.

If this were any site other than Schneier we'd all be screaming "blogspam!".

The WhatsApp client is pretty forgiving about key changes. Is the attack just hoping the user ignores the notification?
If they can install malware on the device, wouldn't it be easier to use something like the accessibility features of Android to just scrape the content or maybe take Screenshots, send them home and use OCR?
Sounds like they just remotely root the device and then extract all data on it, with a special utility that can display the Whatsapp database in a neat way.