Advertisment

One-year old WhatsApp vulnerability yet to be fixed

WhatsApp has a year-old security flaw, CheckPoint identified flaws that could allow hackers to manipulate messages in both public and private conversations.

author-image
CIOL Bureau
New Update
WhatsApp

WhatsApp, Facebook-owned messenger app, has security flaws that can be exploited to fool end-users. A cybersecurity firm CheckPoint identified the flaws that could allow hackers to manipulate messages in both public and private conversations.

Advertisment

In the past few months, India faced various mob lynching and other incidents due to rumours. WhatsApp is already working on updates to help users identify spam messages on its platform. But this security flaw is raising the prospect of misinformation being spread by what appears to be trusted sources.

Check Point Software Technologies Ltd. revealed that its researchers found three potential ways to alter conversations.

1. Group conversations – using the "quote" feature in a group conversation, a hacker can change the appearance of the identity of a sender.

Advertisment

2. Text alteration – The hacker can alter the text of someone else’s reply in a group conversation.

3. Private message – Using the third flaw, a hacker can send a private message to a group participant disguised as a public message to all and when the targeted user responds, it becomes visible to everyone.

"We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp," a spokesperson for Facebook. "The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn't write. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private - such as storing information about the origin of messages."

whatsapp