LIVE NEWS
  • Australia news live: Deeming lodges legal suit against Victorian Liberal president; blizzard brings snow to NSW and Victorian alps | Australia news
  • Why Is Crypto Market Going Up Today July 2nd
  • Google loses final appeal to overturn €4.1 billion EU fine
  • Anduril’s Unusual Recruitment Approach Works Says CMO Jeff Miller
  • Oyarzabal scores two goals as Spain dominates Austria in World Cup knockout | World Cup 2026 News
  • Zuckerberg Said AI Agent Progress Has Been Slower Than Expected
  • Hegseth creates powerful new drone office, pulling authority from the military services
  • Sitting for more than 30 minutes at a time linked to higher risk of cancer death | Cancer research
Prime Reports
  • Home
  • Popular Now
  • Crypto
  • Cybersecurity
  • Economy
  • Geopolitics
  • Global Markets
  • Politics
  • See More
    • Artificial Intelligence
    • Climate Risks
    • Defense
    • Healthcare Innovation
    • Science
    • Technology
    • World
Prime Reports
  • Home
  • Popular Now
  • Crypto
  • Cybersecurity
  • Economy
  • Geopolitics
  • Global Markets
  • Politics
  • Artificial Intelligence
  • Climate Risks
  • Defense
  • Healthcare Innovation
  • Science
  • Technology
  • World
Home»Cybersecurity»Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
Cybersecurity

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

primereportsBy primereportsMarch 18, 2026No Comments4 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
Share
Facebook Twitter LinkedIn Pinterest Email


A researcher has discovered another method to bypass WhatsApp’s View Once feature, but Meta does not plan to patch it because it involves a modified client application.

The View Once feature enables users to send photos, videos or voice messages that disappear from the chat after they have been viewed by the recipient. In addition, View Once is designed to prevent users from saving, forwarding, or taking screenshots of the content before it disappears. 

Tal Be’ery, a reputable researcher and co-founder and CTO of the Zengo cryptocurrency wallet, has found several ways to bypass View Once over the past couple of years, demonstrating how someone could download the file sent via View Once before it vanishes. 

Zengo issued a warning in September 2024 after discovering that a bypass reported at the time had been exploited in the wild. 

The latest View Once bypass method is the fourth uncovered by Be’ery. The researcher told SecurityWeek that all previously discovered bypass vulnerabilities were eventually patched by WhatsApp developers, and that he received a bug bounty for one of them. 

Be’ery has demonstrated the latest method for SecurityWeek and on Wednesday he published a blog post explaining his findings, without sharing technical details to prevent malicious exploitation. The researcher has also shared a video showing the exploit in action. 

Advertisement. Scroll to continue reading.

The exploit involves the use of a modified WhatsApp client. Be’ery pointed out that an attacker could also leverage a browser extension and WhatsApp Web for mass exploitation.

WhatsApp owner Meta has been informed about the vulnerability, but the company indicated it would not patch it. The vendor informed the researcher that the issue falls outside of its security model and is not covered by its bug bounty program, arguing that it’s difficult to completely prevent a user from capturing content sent via View Once, as they can use another phone to take photos or videos of the content, or use a modified WhatsApp client.

Be’ery is displeased that Meta has — in his view — not been consistent in assessing such vulnerabilities, arguing that previously reported issues all involved modified clients and were all patched. 

As a solution to View Once bypass methods, the researcher proposes implementing a digital rights management (DRM) system.

“Similar to Netflix, WhatsApp needs to make sure View Once media is not digitally abused by attackers trying to redistribute it and explicitly scope out analog recording as outside its threat model,” Be’ery said. “By doing so, WhatsApp can establish a clear delineation between issues that are included within the security model and those that are not, and concentrate its security resources accordingly.”

Contacted by SecurityWeek, Meta clarified that it considers View Once an additional privacy layer that reduces persistence for media files sent between trusted contacts in the official WhatsApp application. 

The company noted that the privacy feature is designed for conversations between people who trust each other and — as communicated to users — it should only be used to send content to trusted contacts and should not be viewed as a forensic-grade data deletion tool. 

Meta said it continuously hardens View Once in official clients, but client spoofing and modified clients fall outside the scope of its bug bounty program. The company claims it has been consistent in its assessment of View Once security issues in official clients as opposed to attacks involving rogue clients.

[ Read: Researcher Spotlights WhatsApp Metadata Leak ]

The tech giant said it appreciates Be’ery’s continuous contributions, but in the case of the latest View Once issue the report is out of scope due to the involvement of an unofficial client application.

As for the researcher’s suggestion to use DRM, Meta believes it’s not a good fit for a private messenger’s threat model for several reasons, including the fact that DRM relies on a license server that controls who receives decryption keys. In addition, DRM would still allow someone to record the content on a second device, and the DRM system itself can also be hacked. 

Related: WhatsApp Boosts Account Security for At-Risk Individuals

Related: Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts

Related: NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleOrlando Bravo pushes back on private markets criticism: ‘Everybody’s extremely comfortable’
Next Article Crypto Strategist Says Solana (SOL) Now Breaking Out With Conviction – Here’s His Massive Price Target
primereports
  • Website

Related Posts

Cybersecurity

Google loses final appeal to overturn €4.1 billion EU fine

July 2, 2026
Cybersecurity

Anthropic’s AI Finds Bugs. IBM Bets $5B It Can Fix Them.

July 2, 2026
Cybersecurity

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

July 2, 2026
Add A Comment
Leave A Reply Cancel Reply

Top Posts

Paxton’s win over Cornyn sets up high-stakes Texas clash with Talarico

May 28, 202616 Views

Global Resources Outlook 2024 | UNEP

December 6, 202510 Views

Texas Democrat Talarico claims voting laws are rigged ahead of Paxton race

May 28, 20269 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Latest Reviews

Subscribe to Updates

Get the latest tech news from FooBar about tech, design and biz.

PrimeReports.org
Independent global news, analysis & insights.

PrimeReports.org brings you in-depth coverage of geopolitics, markets, technology and risk – with context that helps you understand what really matters.

Editorially independent · Opinions are those of the authors and not investment advice.
Facebook X (Twitter) LinkedIn YouTube
Key Sections
  • World
  • Geopolitics
  • Cybersecurity
  • Popular Now
  • Crypto
  • Artificial Intelligence
All Categories
  • Artificial Intelligence
  • Climate Risks
  • Crypto
  • Cybersecurity
  • Defense
  • Economy
  • Geopolitics
  • Global Markets
  • Healthcare Innovation
  • Politics
  • Popular Now
  • Science
  • Technology
  • World
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
  • Disclaimer
  • Cookie Policy
  • DMCA / Copyright Notice
  • Editorial Policy

Sign up for Prime Reports Briefing – essential stories and analysis in your inbox.

By subscribing you agree to our Privacy Policy. You can opt out anytime.
Latest Stories
  • Australia news live: Deeming lodges legal suit against Victorian Liberal president; blizzard brings snow to NSW and Victorian alps | Australia news
  • Why Is Crypto Market Going Up Today July 2nd
  • Google loses final appeal to overturn €4.1 billion EU fine
© 2026 PrimeReports.org. All rights reserved.
Privacy Terms Contact

Type above and press Enter to search. Press Esc to cancel.