Not only dating apps, 20 more apps sending sensitive information to Facebook

Google has indexed invite links to private WhatsApp group chats, meaning anyone can join various private chat groups (including several porn-sharing groups) with a simple search.

According to a report in Motherboard, invitations to WhatsApp group chats were being indexed by Google.

The team found private groups using specific Google searches and even joined a group intended for NGOs accredited by the UN and had access to all the participants and their phone numbers.

Journalist Jordan Wildon said on Twitter that he discovered that WhatsApp's "Invite to Group Link" feature lets Google index groups, making them available across the internet since the links are being shared outside of WhatsApp's secure private messaging service.

"Your WhatsApp groups may not be as secure as you think they are," Wildon tweeted on Friday, adding that using particular Google searches, people can discover links to the chats.

According to app reverse-engineer Jane Wong, Google has around 470,000 results for a simple search of "chat.whatsapp.com", part of the URL that makes up invites to WhatsApp groups.

WhatsApp spokesperson Alison Bonny said: "Like all content that is shared in searchable public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users."

"The links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website," Bonny told The Verge.

Danny Sullivan, Google's public search liaison, tweeted: "Search engines like Google & others list pages from the open web. That's what's happening here. It's no different than any case where a site allows URLs to be publicly listed. We do offer tools allowing sites to block content being listed in our results."

With the scrapping of Mitron and Remove China Apps from its Play Store gaining a lot of attention in India, Google on Thursday said that it removed a video app "for a number of technical policy violations", while adding that it also does not allow an app that "encourages or incentivizes users into removing or disabling third-party apps".

Both the apps became immensely popular in India within a short span of time due to the prevailing anti-China sentiment amid border tensions between India and China in Ladakh and calls by Indian activists to boycott Chinese products.

Reports suggested that the Mitron app is a repackaged version of TicTic, which is a TikTok clone.

The Remove China Apps was designed to help users identify applications of Chinese origin.

Without naming the apps, Google hinted that the Mitron app may make a comeback on the Play Store once it fixes some technical issues, but the chances of the Remove China Apps are thin.

"We have an established process of working with developers to help them fix issues and resubmit their apps. We've given this developer (of the video app) some guidance and once they've addressed the issue the app can go back up on Play," Sameer Samat, Vice President, Android and Google Play, said in a statement.

Google said that its Android app store was designed to provide a safe and secure experience for the consumers while also giving developers the platform and tools they need to build sustainable businesses.

Samat said that Google Play recently suspended a number of apps for violating the policy that it does not allow an app that "encourages or incentivizes users into removing or disabling third-party apps or modifying device settings or features unless it is part of a verifiable security service".

"This is a longstanding rule designed to ensure a healthy, competitive environment where developers can succeed based upon design and innovation. When apps are allowed to specifically target other apps, it can lead to behaviour that we believe is not in the best interest of our community of developers and consumers," Samat said.

"We've enforced this policy against other apps in many countries consistently in the past - just as we did here," he added.

Consumer watchdog Which? has claimed that more than one billion Android phones and tablets are vulnerable to hackers as they no longer supported by security updates.

According to the research report, the most at-risk phones are any that run Android 4 or older and those smartphones running Android 7.0 which can not be updated are also at risk.

Based on data from Google analysed by Which?, two in five android device users around the world are no longer receiving the important updates. Currently, those devices are unlikely to have issues, but the lack of security leaves them open to attack.

"It is very concerning that expensive Android devices have such a short shelf life before they lose security support, leaving millions of users at risk of serious consequences if they fall victim to hackers," Kate Bevan editor Which? said in a statement.

"Google and phone manufacturers need to be upfront about security updates with clear information about how long they will last and what customers should do when they run out. The government must also push ahead with planned legislation to ensure manufacturers are far more transparent about security updates for smart devices and their impact on consumers," Kate added.

Android phone released around 2012 or earlier, including popular models like the Samsung Galaxy S3 and Sony Xperia S, are particularly at risk to hackers.

Which? has made suggestions to Android users on what to consider if they have an older phone that may be at risk.

Any Android device which is more than two years old, check whether it can be updated to a newer version of the operating system. If it is on an earlier version than Android 7.0 Nougat, try to update via Settings> System>Advanced System update.

In case a user is not able tto update the phone, the device could be at risk of being hacked if it is running a version of Android 4 or lower.

A user also need to be careful about downloading apps outside the Google Play store and should also install a mobile anti-virus via an app.