Despite end to end encryption, your WhatsApp and Telegram chats can be spied on (VIDEO)
You might recall that back in April, we told you about SS7 when we passed along a story shown on 60 Minutes about hacking. SS7 is a protocol used to connect carriers around the world and affects all smartphone users regardless of the device they use. While SS7 can't break the encryption employed by the two aforementioned messaging apps, it can be used to fool a wireless operator into helping the hacker open a duplicate WhatsApp and Telegram account in the name of the target.
The first step that a hacker employing SS7 does is trick the target's carrier into believing that his phone number is the same as the target's mobile number. Once that is accomplished, the hacker installs WhatsApp and Telegram on his phone, and uses the target's number to set up new accounts. This will allow them to receive the secret code falsely proving that the hacker is the legitimate user of these accounts. Once all this is accomplished, the ruse is on as the hacker can send and receive messages pretending to be the target.
You can see how this all works by watching the pair of videos below. Most security firms still prefer WhatsApp and Telegram for their end-to-end encryption, which prevents "man-in-the-middle" hacks that redirect messages to a hacker's phone. But obviously, opening a duplicate account can allow hackers to read messages not intended for their prying eyes.
source: ThomasFox-Brewster (1), (2), Forbes via BGR