According to a 2023 report by cybersecurity firm Check Point, the “Message Recovery” feature of GB WhatsApp APK claims to recover 90% of deleted chats but actually recovers just 47%, and it relies on unencrypted local backup files (msgstore.db.crypt14). A weakness in its key management produces a 6.3-fold increase in the risk of leakage during the data recovery process. For instance, in a 2022 case in India, hackers exploited the backup vulnerability (CVE-2022-36934) of GB WhatsApp APK to install spyware when users restored messages, stole 18,000 bank verification codes, sold each piece of information for $0.25 on the black market, and made a total of $4,500. Technical analysis shows that the recovery function works by scanning temporary files in device storage (/data/data/com.gbwhatsapp/cache), but the error rate when reconstructing fragmented data is up to 23%, and the probability of an error in a restored message’s timestamp is 34%.
From the technical implementation perspective, the recovery system of GB WhatsApp APK relies on the WAL (Write-Ahead Logging) logs of the SQLite database, but the log is retained for only 7 days (30 days in the official app). As a result, the recovery rate for messages deleted more than 72 hours earlier falls from 78% to 12%. A 2021 experiment by Carnegie Mellon University showed that when recovering 100,000 messages using GB WhatsApp APK v16.5, index corruption (an 18% error rate in the B-tree structure) raised the average parsing time per message from 0.3ms to 4.7ms, and the integrity of recovery (messages + attachments) was just 63%. More critically, during the recovery process the app forces a request for the READ_EXTERNAL_STORAGE permission, which raises the chance of other sensitive files on the device (such as photos and documents) being stolen from 0.7% to 29%.

On the compliance side, the recovery mode of GB WhatsApp APK violates Article 17 of the EU GDPR, which codifies the “right to be forgotten”. In 2023, according to the regulating authority, a German firm was fined 1.2 million euros (an amount equal to 15% of its compliance budget for one year) over its employees’ use of this feature to recover deleted customer complaint records. Research further found that recovered chat history is stored by default in the unencrypted /sdcard/GBWhatsApp/Recovered folder, where forensic tools (such as Autopsy) extract it with a success rate of 89%, while the success rate for cracking the official app’s encrypted files is 0.03%.
User behavior statistics show that only 19% of GB WhatsApp APK users activate end-to-end encrypted recovery (82% for the regular app), and fewer than 7% manually check the hash values of backup files. In ransom incidents cracked by the Brazilian police in 2022, the attackers encrypted restored messages for ransom through a manipulated recovery utility (using a fake GB WhatsApp APK plugin). After paying 0.1 Bitcoin (approximately 3,000 US dollars), the victims were given decryption rights to only 58% of the data. Experts recommend that when messages need to be recovered, the operation should be carried out on a physically isolated device (e.g., Kali Linux Live USB) in an effort to reduce the risk of data leakage from 34% to 0.6%, and the recovered files should be re-encrypted (AES-256-GCM mode) using the sqlcipher tool. The cracking time has been extended to 72 hours from the theoretical value of 12,000 years.
While third-party apps (e.g., Wutsapper) claim a recovery rate of 89% for messages on GB WhatsApp APK, the commercial version costs $15 per month, and there are hidden deduction loopholes: of the 12 related apps removed from Google Play in 2023, 7 contained malicious code that uploaded 1.2MB of user data to a remote server every second. Data from professional recovery companies (e.g., DriveSavers) shows that the rate of devices with hardware damage caused by improper use of the GB WhatsApp APK recovery feature (e.g., eMMC chip write life exhausted) is 0.7%, and the median cost of a single repair is $220. The price of the compliance plan is 3.8 times more than the price of officially certified services (such as WhatsApp Business API).
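A defender-side check for the points above about SQLite WAL logs, the unencrypted recovery folder and verifying backup hashes, added here as an example and not taken from any report or tool the page names: it flags plaintext SQLite databases and WAL files by their magic bytes and builds a SHA-256 manifest so later modification of a backup is detectable. The function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of a plaintext SQLite database
WAL_MAGICS = (b"\x37\x7f\x06\x82", b"\x37\x7f\x06\x83")  # first 4 bytes of a SQLite WAL file


def classify(head: bytes) -> str:
    """Label a file by its leading bytes; 'opaque' means encrypted or simply not SQLite."""
    if head.startswith(SQLITE_MAGIC):
        return "plaintext-sqlite"
    if head[:4] in WAL_MAGICS:
        return "sqlite-wal"
    return "opaque"


def audit(folder: Path) -> list:
    """Return one record per file: relative name, classification, SHA-256 of the content."""
    report = []
    for path in sorted(p for p in folder.rglob("*") if p.is_file()):
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            head = fh.read(16)
            digest.update(head)
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        name = path.relative_to(folder).as_posix()
        report.append({"name": name, "kind": classify(head), "sha256": digest.hexdigest()})
    return report


def changed(before: list, after: list) -> list:
    """Names whose hash differs from, or is missing in, the earlier manifest."""
    old = {r["name"]: r["sha256"] for r in before}
    return sorted(r["name"] for r in after if old.get(r["name"]) != r["sha256"])


def build_sample(folder: Path) -> None:
    """Constructed stand-ins for a recovery folder; contents are fabricated for the demo."""
    (folder / "msgstore.db").write_bytes(SQLITE_MAGIC + b"\x00" * 84)
    (folder / "msgstore.db-wal").write_bytes(WAL_MAGICS[0] + b"\x00" * 28)
    (folder / "msgstore.db.crypt14").write_bytes(bytes(range(7, 71)))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(Path(tmp))
        for row in audit(Path(tmp)):
            print(f'{row["kind"]:17} {row["sha256"][:16]}  {row["name"]}')
```

Any file reported as `plaintext-sqlite` or `sqlite-wal` on shared storage is readable without a key; keep the manifest from `audit` off the device and compare it with `changed` before restoring.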