All popular instant messengers vulnerable, and this applies to both versions for Android and for iOS. To such conclusion experts of the company Solar Security, which conducted the study, writes “Kommersant”.
With the help of technology auto binary analysis, Solar Security code checked out nine of the most popular instant messengers: Telegram, WhatsApp, Viber, Facebook Messenger, Signal, Slack, Skype, WeChat and QQ International. As a result of check it was found that critical vulnerabilities not only contains the Signal messenger for Android. However, its code still contains the six errors of the average level and seven low. In the code of Facebook Messenger and Slack there are four critical errors, while others have more.
The most common critical vulnerabilities of instant messaging apps on Android include weak algorithms for encryption and hashing, insecure implementation of SSL, use of blank passwords. These errors increase the risk of interception of usernames and passwords stored on the device.
the iOS version of the messengers are more vulnerable than clients for Android. So, in Facebook Messenger for iOS the company’s specialists Solar Security found 12 critical vulnerability in Viber 15, Skype 17. Most errors were discovered in the Chinese instant messenger QQ International and WeChat. According to the specialists, the fact that iOS versions of applications contains more errors, most likely due to the fact that Android developers “more attentive to the level of protection” as “itself is less safe.”
Themselves messengers information about security issues is not confirmed, noting that all the products are regularly tested.