WhatsApp security flaw allows spies to snoop on your private messages - here’s how to fix it


WhatsApp has a huge security hole in its app that enables hackers and government spies to read encrypted messages, according to new research.

The bug is a result of the way that the messaging app deals with security keys that form part of its end-to-end encryption.

However, a little-known setting on the Facebook-owned app could help to protect users’ privacy.


WhatsApp’s encryption is supposed to ensure that messages can only be read by the sender and the recipient.

The system relies on unique security keys that are traded between users when a message is sent so that their devices can ensure the messages are going to and from the right place.

However, WhatsApp can change those keys without the user’s knowledge, according to new reports, leaving private messages vulnerable to hackers.

“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” Tobias Boelter, a cryptography researcher at the University of California, told The Guardian in an exclusive report.

While the security flaw raises questions over the privacy of messages sent using the service, a setting in the app could help users keep their chats safe from snoopers.


A security option, which is turned off by default, can be found in the Settings menu of the app.

In Settings, users can tap on Account then Security. From here they can toggle on the option to ‘Show Security Notifications’.

This will alert users every time a security key is changed. In most cases, this will simply be the result of someone getting a new phone or reinstalling the app.

But it can also serve as a warning that messages are being snooped on, allowing the user to switch to a more secure form of communication.
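
What the setting changes can be shown with a simplified model, added here as an illustration and not WhatsApp's own code: a client that remembers the last key seen for each contact and, only when notifications are switched on, tells the user that the key is different. The `KeyTracker` class, the fingerprint format, the sample keys and the assumption that a changed key is accepted either way are all made up for this example.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional


def fingerprint(public_key: bytes) -> str:
    """Short, comparable digest of a contact's public key."""
    return hashlib.sha256(public_key).hexdigest()[:16]


@dataclass
class KeyTracker:
    """Hypothetical client-side store of the last key seen per contact."""
    show_security_notifications: bool = False  # off by default, as described above
    known: dict = field(default_factory=dict)

    def observe(self, contact: str, public_key: bytes) -> Optional[str]:
        """Record the key reported for `contact`.

        Assumption of this model: the new key is accepted either way, and the
        setting only controls whether the user is told about the change.
        """
        new_fp = fingerprint(public_key)
        old_fp = self.known.get(contact)
        self.known[contact] = new_fp
        if old_fp is None or old_fp == new_fp:
            return None  # first contact, or key unchanged
        if not self.show_security_notifications:
            return None  # key changed, but the user is not informed
        return f"Security code for {contact} changed ({old_fp} -> {new_fp})"


def replay(events, notifications_on: bool):
    """Feed (contact, key) events to a fresh tracker; return what the user sees."""
    tracker = KeyTracker(show_security_notifications=notifications_on)
    return [tracker.observe(contact, key) for contact, key in events]


# Constructed sample: the same contact appears with a different key on the
# third event (new phone, reinstall, or a key swapped in by someone else).
SAMPLE_EVENTS = [
    ("alice", b"constructed-key-1"),
    ("alice", b"constructed-key-1"),
    ("alice", b"constructed-key-2"),
]

if __name__ == "__main__":
    for setting in (False, True):
        print("notifications on:", setting, replay(SAMPLE_EVENTS, setting))
```

With the setting off, all three events pass silently; with it on, the third produces an alert. The alert cannot tell the user why the key changed, which is why it is worth confirming with the contact through another channel.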