Special counsel Robert Mueller claimed to a federal judge on Monday that former Trump campaign chair Paul Manafort had engaged in witness tampering. In the court filing, Mueller writes that FBI investigators obtained messages that Manafort—who was indicted for money laundering, tax fraud, and other charges in October—sent to witnesses in his case in an attempt to convince them to lie about lobbying work they performed for him. Manafort allegedly used WhatsApp and Telegram, two security-focused messaging apps that boast end-to-end encryption, in an apparent attempt to ensure that eavesdroppers would not be privy to his criminal meddling. So how were investigators able to get his messages?
End-to-end encryption isn’t that useful if one of the people in the conversation is a snitch. The court filing claims that two of the witnesses Manafort were trying to contact simply handed all of his Telegram messages over to the authorities. This is the case for many of the WhatsApp communications cited by Mueller’s team as well. But there is an exhibit in the filing that indicates the FBI was also able to examine Manafort’s activity on the app through his iCloud account.
WhatsApp allows users to both automatically and manually back up chats to their iCloud accounts. When turned on, the feature uploads a chat log and media to the account at a frequency determined by the user. If the FBI presents Apple with a subpoena, the company is legally required to give the bureau access to the contents of an iCloud account.
However, WhatsApp claimed in 2017 that it had added its own encryption to the backup files, which was supposed to prevent third parties from gaining access to ostensibly secure communications by worming their way into iCloud. Matthew Green, an assistant professor at the Johns Hopkins Information Security Institute, says that the FBI could have subpoenaed WhatsApp for the encryption key or somehow transferred Manafort’s account to another phone.
Backup features ultimately aren’t doing any favors for people focused foremost on confidentiality. “It definitely degrades the security of WhatsApp,” says Green. “I think when people lose their message histories they get really, really upset. Companies like WhatsApp are really prioritizing giving users what they want, which is backups, over giving them the most secure solution possible.”
For average users who are not committing crimes, backing up WhatsApp data can still render it vulnerable to hackers, according to Green. Even without the power of a subpoena, hackers can still break into an iCloud account by stealing the password—as has happened with many celebrities—and restoring WhatsApp on a new phone. They would also need to intercept the verification text message that WhatsApp sends when you try to register your account on another device. Bitcoin hackers have been known to do this with cryptocurrency wallets by calling a phone carrier and having a victim’s number transferred to a device under their control.
The best way to keep your WhatsApp communications secure is to simply avoid using the backup feature. You also need to make sure the person that you’re chatting with isn’t using the backup feature and, of course, won’t straight up leak your messages.
