Close
    Search Search

    How to spy on WhatsApp conversations

    Preliminary information

    How to spy on WhatsApp conversations

    Before getting to the heart of the guide, going to explain how the bad guys do a spy on WhatsApp conversations, there is some preliminary information that it is my duty to provide you to allow you to have a perfectly clear idea on the matter.

    First, keep in mind that, at the end of 2014, WhatsApp, thanks to a collaboration with the developers of Open Whisper Systems, began to adopt a End-to-end encryption system named Textsecure.



    The system in question is based on the use of a pair of keys: a public key, which is shared with your interlocutor and a private key, which instead resides on the smartphone of each individual user.

    Everything happens in real time and without the user having to lift a finger, as the entire system works completely automatically "behind the scenes" of the application, but thanks to this technology, messages travel from the smartphone to the servers of WhatsApp encrypted and can only be read by legitimate senders and recipients. For more details about it, you can read my specific guide on how to encrypt WhatsApp.

    The only security uncertainty of this mechanism lies in its implementation by the application. WhatsApp, in fact, is software closed source and it is not possible to examine the content of its source code. By virtue of this, we cannot exclude with absolute certainty the presence of any flaws or sensational errors in the implementation of the TextSecure system. However, these are remote hypotheses: WhatsApp is reasonably safe and therefore there is no need to be paranoid about the level of secrecy of one's communications.

    In this regard, based on some tests, such as the one conducted by Heise in 2015, it emerged that at the time end-to-end encryption was used only on the Android version of WhatsApp, while in all other cases it continued to be used. a system based on the RC4 algorithm, operating exclusively on output and considered unreliable for some time now. To date, however, the situation is totally different and end-to-end encryption is used on all platforms for which WhatsApp is available.



    How to spy on WhatsApp conversations

    Having made the necessary clarifications above, I would say that we can go to the point and go and find out, therefore, how to spy on conversations on WhatsApp, or rather what are the various tactics than by adopting the bad guys to do it. Find all the explanations you need right below.

    How to spy on WhatsApp conversations over Wi-Fi

    How to spy on WhatsApp conversations

    As already mentioned, WhatsApp adopts an end-to-end encryption system, whereby messages travel in an encrypted manner from the sender's smartphone to that of the recipient, passing through the service servers. This means that nowadays spy on WhatsApp conversations via Wi-Fi this is no longer feasible, so even “sniffing” the wireless network to which the phone is connected, it is not possible to discover its contents.

    Some time ago, however, one of the most sophisticated techniques to spy on WhatsApp conversations was precisely that of "Sniff" the wireless network to which the victim's smartphone was connected. The term "sniffing" means examining, using software designed for this purpose, all the data that passes in clear text on a Wi-Fi network (such as WhatsApp messages).

    This is an operation not really within everyone's reach, but not as difficult as one might believe. There are in fact numerous software, some of which are also free, such as the excellent Wireshark, which I told you about in my guide on how to sniff a wireless network, which allow you to analyze the data circulating on a wireless network in a very intuitive way.


    How to spy on WhatsApp conversations without installing programs

    How to spy on WhatsApp conversations

    A valid technique that could allow an attacker to spy on WhatsApp conversations without installing programs consists in clone the MAC address of the victim's phone. If you have never heard of it, the MAC address is a 12-digit code that uniquely identifies the network cards of computers and all devices capable of connecting to the Internet.


    By installing special applications on your smartphone, an attacker can therefore disguise his MAC address and "deceive" WhatsApp, making the application believe that you are using another phone (in this case, the cell phone of the person to be spied on). Fortunately, this is not an easy procedure, also because it requires a lot of time, as well as prolonged contact with the smartphone of the targeted subject.

    To give a concrete example, if an attacker is using an Android phone, he must first have unlocked the device via root and must have installed applications that allow you to change the MAC address (eg. BusyBox e Mac address ghost, which I told you about more specifically in my guide on how to clone WhatsApp). Next, he has to worry about finding out the MAC address of the victim's phone (found in the screenshot Info of the Settings of Android), must set the data obtained on their smartphone, install WhatsApp and activate the application using the number of the person to be spied.

    For added security, I recommend using one VPN. If you don't know what it is, it consists of an Internet connection through a virtual private network which, by encrypting communications and disguising the user's real geographical location, acts as a shield against all sorts of spies. It also allows you to bypass censorship and regional restrictions. There are many VPN solutions available: among these I point out NordVPN (which I told you about in depth here) and Surfshark which are cheap and work on all devices.


    However, considering the difficulty in implementing what has just been described, until recently the spies of WhatsApp preferred to adopt a more "artisanal", but also much more effective tactic: borrowing a cell phone from the victim, with any excuse and using it to to boot Web WhatsApp or the WhatsApp client for Windows or macOS.


    As I explained to you in my tutorial on how to use WhatsApp on PC, WhatsApp Web and the WhatsApp client for computer allow you to read and send messages from your PC using your smartphone as a "bridge". To use them, in fact, just open WhatsApp on the mobile phone and scan a QR code that is displayed on the computer screen. Furthermore, through the function that allows you to stay connected, you can store the user's identity and access conversations without requiring a new scan of the QR code each time. As things currently stand, however, the technique in question can no longer be considered valid, as notifications relating to access are sent and biometric identification is required.

    How to spy on WhatsApp conversations by knowing the number

    How to spy on WhatsApp conversations

    If you are wondering if there is a way to spy on WhatsApp conversations knowing the number, or rather having only the latter as data available, the answer is affirmative. Among the potential threats you should be on guard against are apps and services to monitor WhatsApp.

    These are tools that allow you to know the times of access to a person's WhatsApp simply by typing his phone number. They do not require physical access to the victim's smartphone and it is not possible to defend against their action (WhatsApp access times are public data after all), but at least one can console oneself with the fact that neither messages nor contacts are spied on.

    In most cases, such solutions can be used for free, but to be able to take advantage of the most advanced features, such as exporting the data obtained and to be able to use them without limitations, it is necessary to subscribe to special subscriptions.

    Other tactics for spying on WhatsApp conversations

    How to spy on WhatsApp conversations

    There are also other tactics which can allow you to spy on WhatsApp conversations. More precisely, as I explained to you in my tutorial on how to spy on a cellphone, there are apps that allow you to spy on everything that happens on your smartphone, some milder and easier to use and others more invasive and dangerous.

    Among the less fearful solutions are the app for parental control, Such as Qustodio, which is available for both Android and iOS and Screen Time, also usable on both Android and iOS, which allow both to monitor and limit the use of different apps, including WhatsApp. Fortunately, they are not able to record what is typed on the smartphone keyboard or to directly capture WhatsApp messages but, if properly configured, they can still be very invasive. They also don't cost much, you can try them for free and then they have very affordable prices.

    Far more dangerous than parental control apps are spy app, that is the applications designed with the express purpose of spying on everything that happens on the smartphone: the texts typed on the keyboard, the sites visited, the calls made, the messages exchanged on WhatsApp and much more. As easily understood, these are very dangerous applications (among other things they are completely invisible to the user's eyes), but fortunately they are not within everyone's reach as they only work on root-unlocked devices and are quite expensive, as in the case of iKeyMonitor, which is one of the most popular spy apps in the category.

    In short, if someone manages to have physical access to a given user's phone and install one of these apps, they could monitor their WhatsApp conversations, monitor your online activities and even take pictures of you in secret.

    How not to be spied on WhatsApp conversations

    How to spy on WhatsApp conversations

    Based on what has been said in this guide, per avoid being spied on WhatsApp conversations it is essential to manage your smartphone conscientiously and prevent the violation of your privacy with the implementation of some precautions, the ones I have reported to you below.

    • Update WhatsApp - keeping the WhatsApp app always up to date allows you to circumvent any flaws that malicious people could find and use to spy on your conversations. If you don't know how to do it, you can read my guide dedicated specifically to how to update WhatsApp.
    • Avoid using public Wi-Fi networks - with end-to-end encryption the sniffing of wireless networks should not be more effective, but to be even more secure I suggest you avoid connecting your mobile phone to public wireless networks and / or networks without adequate protection (better to use the 3G / 4G / 5G network if you are not at home). Also, if at home you have not yet changed the default key of your router, immediately change the password of the Wi-Fi network following the instructions in my tutorial on how to change the password to the modem.
    • Disconnect the devices from WhatsApp - if you suspect that someone is using your WhatsApp account without your consent, you can run for cover by opening the application on your smartphone and closing all currently active accesses to WhatsApp Web or WhatsApp for computer (in this way, to continue reading the messages from PC, the QR code scan will be requested again). To do this, proceed as follows: if you use a terminal Android, awarded by pressing i three dots vertically che si trova in alto a destra, select the voice Web WhatsApp from the menu that appears, then the session you want to deactivate and tap on the item Disconnect or press the button directly Disconnect to all devices which is located at the bottom; if you use a iPhone, go to the card Settings che si trova in basso a destra e seleciona la voce WhatsApp Web / Desktop present in the latter, then select the device to disconnect and tap the button Disconnect or tap the option directly Disconnect from all devices. For more details, read my guide on how to disconnect WhatsApp Web.
    • Activate the screen lock on WhatsApp - WhatsApp includes a function that allows you to block access to the app via face or fingerprint and which is very useful for preventing unauthorized third parties from accessing their chats. To enable this function, go to the section Settings> Account> Privacy> Screen lock of WhatsApp and brings up ON theswitch to activate the screen lock. For more information, see my post on how to put the block on WhatsApp.
    • Configure a secure PIN - using a sufficiently secure PIN for your smartphone can prevent "upstream" that any malicious people can get their hands on the phone and, therefore, also on WhatsApp. To change your mobile PIN, follow these steps: if you use Android, go to Settings> Security> Screen Lock and select the item PIN (Or Sequence, if you want to use a gesture instead of the code); if you use a iPhone, go to the section Settings> Face ID / Touch ID and passcode and select the vocand Change the code. For more information, read my post on how to lock the screen.
    • Disable SMS display on the lock screen - by cloning the MAC address of the cell phone, an attacker could activate WhatsApp on his phone using his number. To do this, however, it should read the verification code delivered by SMS to your mobile phone. Consequently, by disabling the display of SMS on the lock screen you can prevent such situations from occurring. To do this, do this: if you are using Android go to the section Settings> Security> Screen Lock> PIN, imposes a PIN and choose to hide sensitive content; if you are using an iPhone, go to the section Settings> Notifications> Messages and deselect the item Screen lock. If you think you need more details, read my post on how not to show messages on the lock screen.
    • Check for spy apps - if you think there are spy apps on your smartphone, access the list of applications installed on the device to check it. To do this, follow these steps: if you are using Android, go to the section Settings> Apps> All and delete all suspicious apps, then go to the menu Settings> Security> Device administrators and take a look at the list of apps that are allowed to control the system and if among these you find any that you have not personally authorized, deselect it and uninstall it; if you are using a iPhone go to the section Settings> General> iPhone Space and delete the apps you think might be spying on you by clicking on theirs name and on the wording Delete app. For more details, read my post on how to delete spy software from cellphone.
    • Reactivate the account if disabled - if someone has activated WhatsApp on another device using your phone number, you will no longer be able to use it on your mobile phone. So, in the event that your account should be deactivated, immediately contact WhatsApp assistance to report the matter. For more information, see my guide on how to contact WhatsApp.

    Please note: this tutorial has been published for illustrative purposes only. Spying on the conversations of others is a crime punishable by law and I take no responsibility for the use you make of the information below.

    add a comment of How to spy on WhatsApp conversations
    Comment sent successfully! We will review it in the next few hours.