Which instant messaging app provides the best security?

Researchers at the Swiss University for Public Research (ETH Zurich) have discovered seven vulnerabilities in the protocol of Threema, one of the most popular secure instant messaging applications. The developers of the application have downplayed these flaws, saying in a post on their blog that they fixed all the issues within weeks and that none of the issues had much impact in the field.

But what happened to Threema, and which instant messaging app provides the best security?

According to Kaspersky cybersecurity experts, the Threema scandal is difficult to explain because the behavior of both parties, while civil, was not exemplary. The ETH team clearly exaggerated their work by describing not only the vulnerability but also its hypothetical exploitation scenario, while the Threema developers greatly downplayed the vulnerability as they claimed it was nearly impossible to exploit.

What are the vulnerabilities found in the Threema app?

The team discovered all the flaws last October and reported them to the application developers, who fixed them immediately. According to both parties, the flaws were not seen being exploited in practice, so there is no need to worry about information leaks related to them. However, there are still concerns.

But let's focus on what we can learn from the ETH Zurich report, the Threema statement, and other public research on Threema and its protocol.

Threema uses strong encryption algorithms and standard encryption and network libraries. However, these are embedded in Threema's own messaging protocol, whose implementation is flawed. This makes various attacks possible in theory (such as sending messages to all users in a group chat), along with some somewhat practical ones. For example, if the owner of the phone has not set a password to protect the app, anyone with physical access to the target smartphone can read Threema's database and backups with relative ease.

It is also possible to clone the Threema ID, allowing the attacker to send messages on behalf of the victim. Of course, all scenarios involving physical access to a smartphone are generally worst-case scenarios for any application and are difficult to defend against.

Some of the hypothetical attacks enabled by the new vulnerabilities will only succeed if the attacker has complete control of the communications network, but that alone is not enough: these attacks also require other complex conditions to be met. For example, in one scenario, victims had to send very strange messages through the Threema app, which is unlikely in practice.

One of the most worrisome flaws in the communication protocols themselves is that neither of them has forward secrecy, which means that once you decrypt one message, you can decrypt subsequent messages. This weakness has been known for a long time, which is apparently why Threema announced the release of a new, more secure version of the protocol last December.
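Forward secrecy in the usual sense means that a key stolen today does not open ciphertext recorded earlier. The following added example (not from the original article, and not Threema's protocol or code) contrasts one long-term key with a symmetric hash ratchet; the toy cipher, key labels and sample messages are constructed for illustration.

```python
import hashlib
import hmac

def kdf(key: bytes, label: bytes) -> bytes:
    """One-way derivation step (HMAC-SHA256)."""
    return hmac.new(key, label, hashlib.sha256).digest()

def toy_cipher(key: bytes, nonce: int, data: bytes) -> bytes:
    """Toy XOR stream cipher, illustration only; the same call decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = kdf(key, b"ks" + nonce.to_bytes(8, "big") + off.to_bytes(8, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class Ratchet:
    """Symmetric hash ratchet: hand out a message key, then replace the
    chain key with its hash so earlier keys cannot be recomputed."""
    def __init__(self, root: bytes):
        self.chain = root

    def next_key(self) -> bytes:
        msg_key = kdf(self.chain, b"msg")
        self.chain = kdf(self.chain, b"chain")  # old chain key is overwritten
        return msg_key

def run_demo():
    msgs = [b"meet at 9", b"bring the contract", b"room 204"]  # constructed
    # Design A: one long-term key encrypts every message.
    static_key = kdf(b"constructed long-term secret", b"static")
    static_ct = [toy_cipher(static_key, i, m) for i, m in enumerate(msgs)]
    # Design B: both ends ratchet forward from a shared root.
    root = kdf(b"constructed shared root", b"root")
    sender, receiver = Ratchet(root), Ratchet(root)
    ratchet_ct = [toy_cipher(sender.next_key(), 0, m) for m in msgs]
    received = [toy_cipher(receiver.next_key(), 0, c) for c in ratchet_ct]
    # Key material is stolen after message 3; all ciphertexts were recorded.
    from_static = [toy_cipher(static_key, i, c) for i, c in enumerate(static_ct)]
    stolen = Ratchet(sender.chain)  # only the current chain key is exposed
    guess = stolen.next_key()
    from_ratchet = [toy_cipher(guess, 0, c) for c in ratchet_ct]
    return msgs, received, from_static, from_ratchet

if __name__ == "__main__":
    msgs, received, from_static, from_ratchet = run_demo()
    print("static key exposes recorded messages:", from_static == msgs)
    print("ratchet exposes recorded messages:", any(p in msgs for p in from_ratchet))
```

A hash ratchet of this kind protects only messages sent before the theft; keys for later messages can still be derived from the stolen chain key.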

But this new protocol has yet to undergo an independent security review, and we can only take the developers at their word when they say it covers all aspects of modern working encryption. Threema advises listening to the ETH team's recommendations. The Childhood Protocol is under development and has not yet been published.

To exploit some of the vulnerabilities in the Threema application, the development company's server must be hacked, and someone on the operator side must try to steal the exchanged data or deliberately disrupt the connection. This is important for organizations using the Threema Work application: companies that are unwilling to put their data at risk should consider migrating to Threema OnPrem, where they will have their own internal Threema servers. In such cases, administrators should look for ways to improve server security.

App developers should also learn from this situation. Coders keep repeating "don't change the encryption algorithm you use", and Telegram developers have hardly followed this advice. Threema's developers, however, used proven, correct and standard encryption algorithms in their implementation, yet many security holes arose from using standard encryption, instead of standard TLS, in the original communication protocol between client and server.

What should you do when using the Threema app?

If you chose the Threema app and think that it is the best encrypted messaging app, you don't mind using your phone number in an instant messaging app, and you don't want to get bogged down in technical details, then you'd better switch to Signal because, as shown by hacking attempts and court orders, Signal's principles of encryption and data storage are more resilient to hacking.

If you need to use Threema as your primary messaging app for your business, or would prefer not to associate your Threema ID with your phone number, you can still use it, but be aware of the risks.

Be sure to check and re-verify the IDs of your new Threema contacts offline and use passphrases for secure connections.

Medium and large companies that use Threema in their business operations should seriously consider moving to Threema OnPrem for full control of their messaging servers.


