Researchers Discover Multiple Vulnerabilities in Threema App

A team of researchers from ETH Zurich has published a paper describing multiple security flaws in Threema, a secure end-to-end encrypted communications app. The app, which is widely used by government agencies and over 10 million individuals and organizations worldwide, was found to have several vulnerabilities that could compromise the privacy of communication over the app. The ETH Zurich team devised seven attacks against Threema's protocol, including the ability to steal private keys, delete messages, break authentication, and spoof servers. …

app attacks communication communications compromise discover encrypted end end-to-end eth flaws government keys organizations privacy private keys protocol researchers security security flaws steal team threema vulnerabilities zurich