WhatsApp user? Beware! Your messages can be accessed, even edited by hackers

If you are on WhatsApp, which most people are, you need to be more careful than ever before. Cyber security researchers at Check Point Research have spotted a flaw that allows hackers to edit users' messages, essentially putting words in their mouths. This can lead to horrific consequences for innocent WhatsApp users.

WhatsApp user? Beware! Your messages can be accessed, even edited by hackers
The researchers demonstrated how this flaw could be exploited at the Black Hat cybersecurity conference in Las Vegas this week. Source - Pixabay.
Written By: ZeeBiz WebTeam
Edited By: Harish Dugh
Updated: Fri, Aug 09, 2019
10:22 am
New Delhi, ZeeBiz WebDesk
RELATED NEWS
Latest WhatsApp update: Voice and video calls now on Desktop app too | Details of features here Latest WhatsApp update: Voice and video calls now on Desktop app too | Details of features here
WhatsApp self-destructing images: Here's all you need to know about this 'testing' feature WhatsApp self-destructing images: Here's all you need to know about this 'testing' feature
WhatsApp feature: Check account balance, fixed deposit (FD), credit card payment details via 1 message WhatsApp feature: Check account balance, fixed deposit (FD), credit card payment details via 1 message
New WhatsApp feature rolled out; now, you can import 3rd-party sticker packs in India; Here's how to use it New WhatsApp feature rolled out; now, you can import 3rd-party sticker packs in India; Here's how to use it
WhatsApp Mute Video feature: You just cannot afford to miss out on this WhatsApp Mute Video feature: You just cannot afford to miss out on this

If you are on WhatsApp, which most people are, you need to be more careful than ever before. Cyber security researchers at Check Point Research have spotted a flaw that allows hackers to edit users' messages, essentially putting words in their mouths. This can lead to horrific consequences for innocent WhatsApp users. The researchers demonstrated how this flaw could be exploited at the Black Hat cybersecurity conference in Las Vegas this week. In blog post, researchers said that this flaw "could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources."

The Check Point Research has observed three possible methods of attack exploiting this vulnerability. It said that all these methods involve social engineering to fool the users. These ways include -

1. Using the ‘quote’ feature in a group conversation to change the identity of the sender, even if that person is not a member of the group.

2. Alter the text of someone else’s reply, essentially putting words in their mouth.

Watch Zee Business TV LIVE Streaming Online -

3. Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.

The researchers claim that the tool could be used to incriminate a person or close a fraudulent deal. The research firm said that it had informed WhatsApp about the vulnerability at the end of 2018, but the company has failed to address the issue. "We believe these vulnerabilities to be of the utmost importance and require attention," the researchers said in a blog post .

"By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This allowed us to then be able to manipulate them and start looking for security issues. This resulted in us being able to carry out a variety of attack types," the firm added.

As long as the flaw remains and is addressed, your conversations remain vulnerable. 

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.