WhatsApp's Server Protection Creates Client-Side Vulnerability Gap

A recent spyware campaign using Paragon Solutions spyware targeted 90 Italian WhatsApp users, including journalists and civil society members.
WhatsApp encryption protects the server, but exposes the client
A security researcher describes the fundamental trade-off in WhatsApp's architecture that leaves billions of users vulnerable to attack.

When WhatsApp sealed its servers behind end-to-end encryption, it solved one of the great surveillance problems of the digital age — and quietly created another. By making its infrastructure blind to message content, it redirected the gaze of sophisticated attackers toward the only place where messages can still be read: the devices of ordinary people. Security researcher Tal Be'ery, speaking at Black Hat Asia 2026 in Singapore, gave this paradox a name and a shape, warning that what was sufficient protection for two billion users in 2016 is a dangerous mismatch for the three billion who depend on the platform today.

  • End-to-end encryption has made WhatsApp's servers an empty prize for attackers, so the target has quietly shifted to the phones in people's pockets.
  • Metadata — who you message, when, from which device, whether you're online — forms a surveillance map that requires no access to message content whatsoever.
  • Attackers are now chaining these metadata exposures into zero-click spyware attacks, infecting devices through file previews and sync features without any action from the victim.
  • Ninety Italian WhatsApp users, journalists and civil society members among them, were recently infected by Paragon Solutions spyware through WhatsApp, with no tap, no click, and no warning.
  • Proposed defenses — lockdown modes, restricted message requests, and device identity obfuscation — exist on paper, but no fix is yet available for users to apply themselves.
  • The architecture built for a different era is straining under the weight of three billion users and adversaries who have had a decade to study its seams.

WhatsApp's adoption of the Signal protocol in 2016 was a landmark moment for private communication. Messages scrambled on a sender's phone can only be unscrambled on the recipient's — the company's servers pass along encrypted data like a blind courier, never reading, never inspecting. Security researcher Tal Be'ery, presenting at Black Hat Asia 2026 in Singapore, called this a "dumb pipe" architecture. It was a brilliant solution to mass surveillance. It was also the beginning of a new problem.

Because the servers cannot see message content, they also cannot detect malicious traffic or sound an alarm when something is wrong. What they do handle is metadata — delivery receipts, online status indicators, device counts, device types. Be'ery demonstrated how an attacker can send silent pings to map a target's behavior over time, identify their primary device, track their movements, and enumerate every device linked to their account — all before a single piece of malware is deployed. Blocking a contact afterward changes nothing; the reconnaissance is already complete.

This intelligence feeds zero-click attacks: spyware delivered through file previews, group chats, or device-sync features that demand nothing from the victim. A recent campaign by Israeli firm Paragon Solutions infected ninety Italian WhatsApp users — journalists and civil society members among them — without a single tap or interaction.

Be'ery proposed three architectural remedies: a lockdown mode restricting rich media to known contacts only; a restricted request system limiting unknown senders to plain text; and device obfuscation, so senders interact with a single recipient identity rather than a mapped list of linked devices. WhatsApp has patched some reported vulnerabilities, but Be'ery argued the underlying design must evolve. His closing words carried the weight of the whole problem: the encryption protects the server, but exposes the client — and for now, there is nothing a user can do about it on their own.

WhatsApp's decision to encrypt messages end-to-end was meant to be a fortress. Instead, security researchers say it has become a paradox: the stronger the walls around the servers, the more exposed the people using them become.

Tal Be'ery, chief technology officer of the cryptocurrency wallet company Zengo, laid out this contradiction during a presentation at Black Hat Asia 2026 in Singapore. WhatsApp, he explained, adopted the Signal protocol for end-to-end encryption in 2016. Messages are scrambled on the sender's phone and can only be unscrambled on the recipient's phone. The company's servers never see the content. They function as what Be'ery called a "dumb pipe"—passing along encrypted data without the ability to read it, inspect it, or intervene.

This design solved one problem brilliantly. It made WhatsApp's infrastructure nearly worthless to attackers. Mass surveillance of message content became impossible. But it created another. Because the servers cannot see what users are saying, they also cannot detect when something is wrong. They cannot spot malicious traffic. They cannot use the substance of messages to sound an alarm. All they have is metadata—the shadows cast by communication rather than the communication itself.

And metadata, it turns out, tells a story. It reveals who is messaging whom, when messages arrive, whether they were delivered, how many devices are linked to an account, whether a device is online, what type of device it is. An attacker can send silent pings—messages that register a device's online status without appearing as visible messages—to map a user's behavior over time. They can identify which device is primary. They can track when someone is traveling. They can enumerate how many devices are connected to a target account, then pinpoint a specific one for attack. Even if a contact is later blocked, the sender has already gathered this intelligence.
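The reconnaissance described above (silent pings, device enumeration) leaves a trace that the relay can see even without reading content. The sketch below is an added example, not code from WhatsApp or from Be'ery's talk: it runs a metadata-only rule over a constructed delivery log and flags a sender who is not in the recipient's contacts, produces only deliveries that render nothing for the user, and touches several linked devices within a day. The event format, the field names (`visible`, `device_id`) and the thresholds are assumptions made for this demonstration.

```python
"""Metadata-only probe detector.

Added illustration, not WhatsApp's code: a relay that cannot read content
still sees delivery metadata (who, when, which device, visible or not).
Event format, field names and thresholds are constructed assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class DeliveryEvent:
    ts: int          # seconds on a constructed timeline
    sender: str
    recipient: str
    device_id: str   # recipient device that acknowledged delivery
    visible: bool    # False = message class that renders nothing for the user


# Constructed sample log. "probe@example" is not in the target's contacts and
# sends only invisible traffic that reaches three linked devices over a day;
# "alice" and "bob" are contacts with ordinary traffic; "newcomer" is a
# stranger who actually writes a visible message.
SAMPLE_EVENTS = [
    DeliveryEvent(1000, "alice", "target", "phone", True),
    DeliveryEvent(1600, "probe@example", "target", "phone", False),
    DeliveryEvent(5200, "probe@example", "target", "laptop", False),
    DeliveryEvent(9000, "probe@example", "target", "phone", False),
    DeliveryEvent(12600, "probe@example", "target", "tablet", False),
    DeliveryEvent(16200, "probe@example", "target", "phone", False),
    DeliveryEvent(20000, "alice", "target", "phone", True),
    DeliveryEvent(21000, "bob", "target", "phone", False),  # one receipt-only event, benign
    DeliveryEvent(22000, "bob", "target", "phone", True),
    DeliveryEvent(30000, "newcomer", "target", "phone", True),
]

CONTACTS = {"target": {"alice", "bob"}}


def find_metadata_probes(events, contacts, window=86400,
                         min_invisible=4, min_devices=2):
    """Flag (sender, recipient) pairs where a non-contact produced only
    invisible deliveries, at least `min_invisible` of them inside `window`
    seconds, reaching at least `min_devices` distinct recipient devices."""
    by_pair = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.ts):
        by_pair[(ev.sender, ev.recipient)].append(ev)

    alerts = []
    for (sender, recipient), evs in by_pair.items():
        if sender in contacts.get(recipient, set()):
            continue  # contacts are outside this rule's scope
        for i, first in enumerate(evs):
            in_win = [e for e in evs[i:] if e.ts - first.ts <= window]
            if any(e.visible for e in in_win):
                continue  # the sender actually communicated in this window
            devices = {e.device_id for e in in_win}
            if len(in_win) >= min_invisible and len(devices) >= min_devices:
                alerts.append({
                    "sender": sender,
                    "recipient": recipient,
                    "invisible_events": len(in_win),
                    "devices_touched": sorted(devices),
                    "first_ts": first.ts,
                    "last_ts": in_win[-1].ts,
                })
                break  # one alert per pair is enough
    return alerts


if __name__ == "__main__":
    for alert in find_metadata_probes(SAMPLE_EVENTS, CONTACTS):
        print(alert)
```

Run as a script to print the single alert for `probe@example`. A sender who pads probing with one visible message, or who stays under the thresholds, slips past this rule; that limit is the article's point: metadata heuristics can raise a flag, but they cannot substitute for the architectural changes the talk proposes.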

This shift in the attack surface has real consequences. Sophisticated threat actors are now chaining multiple vulnerabilities together to launch zero-click spyware attacks—malware delivered through files, link previews, group chats, or device-sync features that require no action from the victim. In a recent campaign, spyware developed by the Israeli company Paragon Solutions targeted ninety Italian WhatsApp users, including journalists and civil society members. No click. No interaction. Just infection.

Be'ery acknowledged that WhatsApp has already fixed some of these issues on certain platforms after researchers reported them. But he argued the fixes are insufficient. "What was good enough in 2016 is not good enough in 2026, when they have more than three billion users," he said. The architecture itself needs to evolve.

He proposed three changes. First, a lockdown mode that would allow only known contacts to send messages or rich media directly to a user. This would shrink the attack surface from billions of potential attackers to just the people in someone's address book. Second, a restricted message request system for unknown senders—similar to features on other platforms—where strangers can only send plain text requests, not files or complex message types. Third, obfuscating linked devices from senders. Instead of exposing all the devices connected to an account, senders would interact with a single recipient identity, and the recipient's devices would synchronize messages internally. No reconnaissance. No device pinpointing.
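The three proposals read naturally as a recipient-side policy. The sketch below is an added example, not WhatsApp's code and not anything Be'ery published: it gates inbound messages by sender trust and message kind (lockdown mode, restricted requests) before any content is parsed, and shows what a sender gets back when linked devices are obfuscated versus exposed. The message kinds, the `Account` and `Inbound` types, and the receipt shape are assumptions made for this demonstration.

```python
"""Inbound gating modelled on the three proposals above.

Added illustration, not WhatsApp's code: lockdown mode, restricted message
requests and device obfuscation expressed as a recipient-side policy.
Message kinds, field names and the receipt shape are assumptions.
"""
from dataclasses import dataclass

# Message classes that hit a parser or a sync surface on the receiving device.
RICH_KINDS = {"image", "video", "file", "link_preview", "sticker", "device_sync"}


@dataclass
class Account:
    user: str
    contacts: set
    devices: list                      # linked devices, known only to this account
    lockdown: bool = False             # proposal 1: only contacts reach the user directly
    restricted_requests: bool = True   # proposal 2: strangers may send plain text only
    obfuscate_devices: bool = True     # proposal 3: senders see a single identity


@dataclass
class Inbound:
    sender: str
    kind: str                          # "text" or a member of RICH_KINDS
    payload: bytes = b""


def gate(account, msg):
    """Decide what happens to an inbound message before any content is parsed.
    Returns (decision, reason) with decision in {"deliver", "request", "drop"}."""
    if msg.kind != "text" and msg.kind not in RICH_KINDS:
        return ("drop", f"unknown message kind '{msg.kind}'")
    if msg.sender in account.contacts:
        return ("deliver", "known contact")
    if account.lockdown:
        return ("drop", "lockdown: unknown senders cannot reach this user")
    if account.restricted_requests:
        if msg.kind == "text":
            return ("request", "plain-text request, held in a separate inbox")
        return ("drop", f"restricted requests: '{msg.kind}' from unknown sender "
                        "rejected before it reaches a parser")
    return ("deliver", "no restrictions (the pre-proposal default)")


def delivery_receipt(account, decision):
    """What flows back to the sender. With obfuscation the receipt names one
    recipient identity and never enumerates linked devices."""
    if decision == "drop":
        return None  # nothing acknowledged, so nothing to map
    if account.obfuscate_devices:
        return {"recipient": account.user, "devices": None}
    return {"recipient": account.user, "devices": list(account.devices)}


def fan_out(account, msg):
    """Recipient-side sync: the account copies the message to its own devices,
    keeping device topology out of the sender's view entirely."""
    return {dev: msg.payload for dev in account.devices}


def run_demo():
    """Constructed scenario: one account, four inbound messages, two policies."""
    acct = Account("target", contacts={"alice"}, devices=["phone", "laptop"])
    inbound = [
        Inbound("alice", "file", b"report.pdf"),
        Inbound("stranger", "text", b"hello?"),
        Inbound("stranger", "link_preview", b"<preview blob>"),
        Inbound("stranger", "device_sync", b"<sync blob>"),
    ]
    results = {}
    for msg in inbound:
        decision, _reason = gate(acct, msg)
        results[(msg.sender, msg.kind)] = (decision, delivery_receipt(acct, decision))
    # Same traffic with lockdown on: even the stranger's text request is dropped.
    acct.lockdown = True
    results[("stranger", "text", "lockdown")] = gate(acct, inbound[1])[0]
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, "->", value)
```

The value of gating before parsing is that a rich message from an unknown sender never reaches a preview or sync code path at all; the receipt with `devices: None` is what removes the device enumeration described earlier, since there is nothing in the acknowledgement to count.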

Yet Be'ery ended his presentation with a sobering note. WhatsApp's end-to-end encryption remains essential. But every security design involves trade-offs. "WhatsApp end-to-end encryption protects the server, but exposes the client," he said. "Unfortunately, there is no current solution the user can get out of this talk and apply." The fortress is secure. The people inside it are not.

WhatsApp is playing with a hand tied behind its back, because they cannot see the content. Gmail can use the content of an email to decide to put on an alert, but WhatsApp's server cannot do that.
— Tal Be'ery, CTO of Zengo, speaking at Black Hat Asia 2026

What was good enough in 2016 is not good enough in 2026, when they have more than three billion users. The security architecture needs to evolve.
— Tal Be'ery

The Hearth Conversation: Another perspective on the story

Inventor

So WhatsApp's encryption is actually making things worse for users?

Model

Not worse—it's a trade-off that nobody fully grasped until recently. The encryption keeps the servers safe, which is good. But it means WhatsApp can't see attacks happening inside the app, so attackers moved their focus to the phones themselves.

Inventor

But users don't see the metadata the way they see a message. Why does it matter so much?

Model

Because metadata is a map. If I know when you're online, when you're traveling, how many devices you use, I can infer your entire routine. I can time an attack for when you're most vulnerable. I can target your laptop instead of your phone if I know you have both.

Inventor

The Italian journalists—how did the spyware actually get in?

Model

No interaction required. It came through files, link previews, group chats. The victims didn't click anything. The malware just arrived and installed itself.

Inventor

Is WhatsApp aware of this?

Model

Yes. Be'ery said some fixes have already been deployed on certain platforms. But the researcher's point is that the fundamental architecture hasn't changed. You're still exposing metadata to billions of potential attackers.

Inventor

What would actually fix it?

Model

The proposals are practical but limited. A lockdown mode would help—only let your contacts message you. Restrict what strangers can send. Hide your linked devices from senders. But Be'ery was honest: there's no perfect solution users can implement today. The problem is baked into how the system works.
