WhatsApp Group

Google mistakenly indexing private WhatsApp group links, and the group can be accessed by anyone with a simple search in Google and join a wide range of WhatsApp group chats.

These private Group links are generated by the WhatsApp Group Administrators who may not want to be in Public.

Analysts from Motherboard tried with specific search to find the invite links of the private group, in results, many of the groups are intend to created to share the porn contents.

Also, these private WhatsApp groups links that indexed in Google let anyone can see the whole group phone numbers once joined into the groups.

Jordan Wildon, A Multimedia journalist Tweets that “Your WhatsApp groups may not be as secure as you think they are. The “Invite to Group via Link” feature allows groups to be indexed by Google and they are generally available across the internet. With some wildcard search terms, you can easily find some… interesting… groups”

Nearly 470,000 WhatsApp Group links are publicly indexed by Google and these links should have been “noindex” Meta tag that eliminates these links to index in Google search results even if anyone searches with specific keywords.

Also, these groups contain millions of Phone numbers that can be accessed by anyone by joining into groups.

These links get even worse than this matter that some of the groups have been created for sharing the Child Pornographic contents.

“Apart from the Search engine crawling, In Yandex still, 75k links are available. Even if all search engines remove the crawled links but the “Web Archive” already have more than 80k links and most of them are still working” Said @Lav Kumar.

WhatsApp Group

According to WhatsApp Spokesperson ” “Group admins in WhatsApp groups are able to invite any WhatsApp user to join that group by sharing a link that they have generated. Like all content that is shared in searchable, public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users. Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website.”

This issue was already reported to Facebook, and Facebook acknowledged this after @hackrzvijay alerted them and Facebook suggesting that admins can invalidate the link.

Follow in Twitter for Daily cyber security & hacking news updates: Cyber Security News

Also Read:

WeLeakInfo.com Domain Seized by Law enforcement Agencies for Selling Access to Breached Data

Microsoft Data Leak – 250 Million Microsoft Customer Service Support Records Exposed Online

Data Leak – 267 Million Facebook Users Phone Numbers and User IDs Exposed Online

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.