Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messenger that its Switzerland-based developer says provides a level of security and privacy “no other chat service” can offer. Despite the unusually strong claims and two independent security audits Threema has received, the researchers said the flaws completely undermine assurances of confidentiality and authentication that are the cornerstone of any program sold as providing end-to-end encryption, typically abbreviated as E2EE.
Threema has more than 10 million users, which include the Swiss government, the Swiss army, German Chancellor Olaf Scholz, and other politicians in that country. Threema developers advertise it as a more secure alternative to Meta’s WhatsApp messenger. It’s among the top Android apps for a fee-based category in Switzerland, Germany, Austria, Canada, and Australia. The app uses a custom-designed encryption protocol in contravention of established cryptographic norms.
Two of the vulnerabilities require no special access to a Threema server or app to cryptographically impersonate a user. Three vulnerabilities require an attacker to gain access to a Threema server. The remaining two can be exploited when an attacker gains access to an unlocked phone, such as at a border crossing.
There’s no evidence that any of the flaws have been actively exploited, and the first two attacks, 1.1 and 1.2, are likely out of reach of all but the most skilled and well-resourced attackers. By contrast, attacks 2.1, 2.2, and 2.3, which rely on a compromised Threema server, are easy to carry out on either an on-premises server operated by an organization or on Threema’s own infrastructure. It would also be easy for an attacker to conceal such exploits.
Most vulnerabilities are said to have been addressed, but the Ibex protocol has not yet been audited.
It goes to show again, though, that even though external security audits were done previously, these issues were not identified. There is still some doubt being cast on Threema's basic designs. Just because a claim is made that something is secure does not necessarily mean it is actually secure...
See: "Messenger billed as better than Signal is riddled with vulnerabilities"
Threema comes with unusually strong claims. They crumble under new research findings.