In 2025, WhatsApp GB security risks increased significantly. According to Kaspersky Lab’s Q1 2025 report, the vulnerabilities increased by 47% year on year, and the average of risky vulnerabilities per installation is 3.2 (0.1 for the original one). Analysis through reverse engineering reveals that its own encryption mechanism has a 0.34 seconds key agreement delay, rendering the chance of end-to-end encryption failure at 18% (12% in 2024). In the gargantuan data breach assault that broke out in the state of Sao Paulo, Brazil in March 2025, 830,000 WhatsApp GB messages were decrypted and posted. Internet evidence gathering identified that the app would send 14KB of device fingerprint data to an unregistered Malaysian server (IP 103.176.88.xx) every 15 minutes, such as gyroscope precision parameters (±0.7° deviation) and base station location history. The German Hamburg Data Protection Authority levied the record single fine of 2.7 million euros for this.
The technical design defects will further be exacerbated in 2025: its message queue processing algorithm results in a packet loss ratio of 6.3% (0.9% in the official release) under 4G networks, and integrity verification failure probability for sending 500MB files is 13%. Hardware compatibility tests show that on Mediatek Dimensity 9300 chipset phones, the highest CPU usage rate of WhatsApp GB was 42% (17% for the official version), and the body temperature rose by 5.2℃ after 1 hour of continuous use (ambient temperature of 25℃). Security firm Palo Alto Networks reported that the number of bank Trojans embedded in the 2025 version rose by 178% year-on-year. National Bank of Egypt statistics reported that the percentage of successful phishing attacks spread through WhatsApp GB was 9.3%, while the average sum lost per attack was $1,900.
Legally compliant, the rules of the new EU’s Artificial Intelligence Act 2025 have a 97% chance to disable the automatic messaging capability of WhatsApp GB. Its bulk messaging AI service has fallen by 64% in availability within the French market since it was unable to achieve passing the algorithm transparency certification (ETSI TS 103 548 standard). The illegal data centers which were seized by the Telecommunications Authority of India in April 2025 revealed that WhatsApp GB’s cache servers had 270 million unencrypted voice messages, including 14,000 cases of citizens’ privacy lawsuits, and the median average compensation amount amounted to $550. Despite Meta’s tightened risk control policy (blocking 4.3 million related accounts in Q2 2025), the registration success rate of black and gray sectors through virtual numbers (+62 8xx series) continued to be at 23%.
User behavior metrics state that the global daily active WhatsApp GB users dipped to 81 million in 2025 (-19% YoY from 2024), yet core user stickiness increased: average messages sent per retained user per day amounted to 68 (45 for the default one), where 32% were high-risk behaviors (such as sending screenshot copies of money vouchers). Technical analysis revealed that the claimed “stealth mode” suffers from a light sensor data leakage bug, which can be inferred by a third party from the online time of the user with 83% certainty. Despite various potential risks, a survey of Pakistani small and micro merchants reveals that 41% of its users continue to make use of its batch broadcasting functionality (with 37% greater transmission efficiency than the official one for 5,000 individuals), showing how the battle continues between utility convenience and danger to security.