Private WhatsApp & Telegram group chats exposed in Google search results

By Aneesh A S 0 Comment February 27, 2020

WhatsApp and Telegram groups are not as private and secure as you think they are.

Jordan Wildon, a multimedia journalist for German outlet Deutsche Welle disclosed this via a tweet stating that using Whatsapp’s “Invite to Group via Link” feature lets groups be indexed by search engines by Google.  This means that with just a simple search, anyone can discover and join a wide range of WhatsApp group chats that are open on the internet. It also empowers potential attackers to find other active chats via brute forcing.

This also makes it surprisingly easy to find some rather interesting and odd groups related to the Illuminati, porn and other topics. App Reverse Engineer Jane Wong stated in a tweet that Google has around 470,000 results for a search containing the keywords “,”.

Google stated that it will index any sites on the open web, and that includes group invites,adding that it offers “tools allowing sites to block content being listed” in its results.

Response from WhatsApp

WhatsApp apparently did not configure these links to request that they do not get indexed by search engines like Google. WhatsApp stated that just like all content that is shared in searchable, public channels, invite links that are publicly posted on the internet can be found by anyone using WhatsApp. Links that users wish to share privately should not be posted on a public website.Following the issue, WhatsApp has now configured its chat site to request that search engines like Google do not index invite links.

Links are still exposed on Bing

These exposed links are appearing on other search engines like Bing and we tried it ourselves and got the following results.

Suggested Safety Measure

Jordan says that if users are concerned regarding this issue, he suggests enabling the “Reset link” in the “Invite to Group via Link” under the group settings. While the issue seems partially resolved for WhatsApp, Telegram groups’ links may appear in search engine results.

