New WhatsApp Bugs Makes Millions of Phone Numbers Searchable in Plain Text on Google Search


A new bug has been reported on WhatsApp that exploits millions of WhatsApp numbers searchable on Google Search. A bounty hunter has found this bug which he mentioned that this bug comes into existence by a feature called ‘Click to Chat.’

According to the cybersecurity researcher Athul Jayaram, this bug lets millions of WhatsApp numbers are indexed by Google Search which allows anyone to find them. However, WhatsApp has stated that it is not a big deal and that the results of the phone numbers only show up if the user has chosen to make it public.

Explaining the bug to a further extent, Jayaram stated that the bug in WhatsApp’s Click to Chat feature pushed the phone numbers into a privacy concern by allowing Google Search to index them. The issue here is that the misfeature will allow anyone to search for users’ phone numbers on the web which becomes a major privacy risk.

For those who don’t know what the Click to Chat feature is, it is basically a feature that assists users in starting a WhatsApp chat with another user even if the phone numbers have not been saved in the sender’s address books. This feature is basically used by website owners to allow their customers to directly communicate with them via WhatsApp.

Jayaram has said that the phone numbers of users using this feature can show up in Google Search results because the search indexes the feature’s metadata. He stated that users’ phone numbers will be visible in plain text in the URL —<phone_number> –. And so, it is very easier for scammers to put together a list of legitimate phone numbers. The researcher has found 300,000 indexed on Google as of now.

Jayaram was quoted saying by Threatpost, “As individual phone numbers are leaked, an attacker can message them, call them, sell their phone numbers to marketers, spammers, scammers. Through the WhatsApp profile, they can see the profile photo of the user, and a do reverse-image search to find their other social media accounts and discover a lot more about a targeted individual.”

For the latest tech news and updates, Install TechCodex App, and follow us on Google News,  Facebook, and Twitter. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.


This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More