At the Real World Crypto Zurich security conference from 10 to 12 January on this year, a group of researchers from the Ruhr University Bochum in Germany showed a series of flaws in encrypted messaging apps.
The showed WhatsApp’s flaw refers to stealth adding people to private chat groups. This allows to the new user to spy all group and removing the new user alert when a new user is added to the group. The only way to detect the spy user is if admin is checking all group members.
To exploit this flaw is necessary to access at WhatsApp’s servers.
From WhatsApp, they reply, it’s unlikely that anyone can access to the servers.