Hackers Can Manipulate Your WhatsApp Messages With This Security Flaw

Share

In the sample, the boss's message was altered to increase the supposed raise from $500 to $1,500.

A cybersecurity firm has discovered a flaw in WhatsApp that allows hackers to intercept and manipulate messages - potentially changing the identity of a message sender or altering their text.

Check Point informed WhatsApp of the vulnerabilities in August 2018.

The Check Point Research team claimed to have observed three possible methods of attack exploiting this vulnerability, all involving social engineering tactics to fool end-users.

WhatsApp's parent company Facebook told researchers that the rest of the two shortcomings could not be fixed due to limited infrastructure.

Researchers uncovered several WhatsApp vulnerabilities during the Black Hat 2019 conference.

Facebook was already aware of the bugs, but the company failed to act on them past year because "limitations that can't be solved due to their structure and architecture". Furthermore, the spokesperson stated that addressing the concerns, perhaps by way of storing information on the origin of the text messages, would make WhatsApp less private.

A group of researchers at security firm Check Point has highlighted vulnerabilities in popular messaging app WhatsApp.

More news: Jeffrey Epstein is dead, according to multiple news reports
More news: Israel soldier-settler found dead in southern occupied West Bank
More news: Samjhauta Express carrying Indian, Pakistani nationals reaches Delhi 4.5 hours late

People always have the option of blocking a sender who tries to spoof messages and they can report problematic content to us.

Third, a private message could be sent to a group participant disguised as a public message and when the targeted individual responds it becomes visible to everyone in the conversation.

"These encryption processes caught our attention, and we chose to try to reverse the WhatsApp's algorithm to decrypt the data", said Check Point.

"WhatsApp end-to-end encryption ensures that only you and the person you're communicating with can read what's sent, and nobody in between, not even WhatsApp".

"WhatsApp is the most popular instant messenger in the world". The vulnerability relies on the fact that a participant in the group can, of course, access the decrypted version of the messages. This tool explains how hackers can hack private and group chats. We also work to ban accounts trying to change WhatsApp and use it to spam users.

"This does not mean that users should stop using WhatsApp, as, while security bugs are of course risky, they are not uncommon in any type of software", said Chebyshev.

At this point, it's not yet clear if Facebook is still working on a way to resolve the flaws or the company is just going to let them there for eternity.

Share