Check Point Research have discovered a serious flaw with Whatsapp.
This flaw could allow hackers to hack into people’s accounts and send fake messages, causes issues in friendships, relationships and even employment.
Check Point said a hacker can:
– Alter the text of someone else’s reply to a group chat, essentially putting words in their mouth.
– Use the ‘quote’ feature in a group conversation to change the identity of the sender, to
make it appear as if it came from a person who is not even part of the group. By doing this, it
would be possible to incriminate a person or close a fraudulent deal, for example.
– Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.
This bug has been fixed.
It’s not a simple hack, requiring the wrongdoer to break into Whatsapp algorithms, which encrypt the messages.
‘By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This allowed us to then be able to manipulate them and start looking for security issues.’
Check Point research have ‘notified WhatsApp of the flaws’ however, it is part of the app’s design framework so they have only admitted to it and not given a timescale for a fix.
Keep you friends close and your enemies closer in that case, till the fix has been actioned.
