So you can know where someone lives just by sending them a song on WhatsApp
Nowadays it is very difficult for us to imagine our life without WhatsApp. Meta’s messaging app has become, on its own merits, a tool that millions of people use around the world, either to communicate with loved ones or even to work, as well as to send files and photos. This app even allows us to share the location as we please, something that we must always do with our heads. The problem is that there may be some other way of knowing where we are, even without us noticing.
One of WhatsApp’s main concerns is the privacy of its users. Through this app there are many people who share most personal information with others, even its location as we have said a little above. As long as we are the ones who do it consciously, there will be no problem, but there seems to be a new way to know someone’s location and it is in a most “innocent” way.
Your location revealed by a song
The way that we are going to explain to you to know the location is actually quite simple to understand, although to carry it out you do have to have certain prior technical knowledge. In this case, the way to obtain the IP does not differ much from others that we have already explained here, and that are mainly based on making the victim clicks on a URL which, without my knowledge, will record your IP address.
How to make this happen? Well, everything is done with a song. The hook is not very suspicious, since what the affected person receives is nothing more than a message to listen to a song through a platform like Spotify. The “trick” is not going to be in the song itself, but in the URL that will appear to listen to it. This would look very similar to the platform URL; however, it would be an address that would take the user to a page controlled by the one who sent the song and where your IP address will be registered.
Process to know the IP (The side of evil)
When this happens, this web portal redirects the victim to the real Spotify address. In this way, the victim never really realizes what has happened, since this will only see on your device how the address you press takes you to the song that would appear in the WhatsApp conversation window. It is a process that does not have too many limitations, beyond the fact that if the same address is used for several contacts it will be very difficult to know which IP belongs to each person who clicks on the link. To do this, all you have to do is create different addresses, or send the same to different people in stages.
With this IP address, it will only be necessary to address to any GeoIP service and enter it to know details about the location of the victim. It is true that depending on some factors it is possible that the information provided by this IP location service is not completely accurate, but it will serve to give a pretty good idea of where the victim currently is.
These kinds of security holes they are really hard to patch, since the fault is not within the application itself. To do this, the only thing that WhatsApp could do would be to notify the user that they are leaving the app to go to a portal that may not be secure, although as always this will depend on the user and whether or not they trust the person who sent them the message. URLs.
