We use WhatsApp on a daily basis to communicate with our loved ones and colleagues. So, it is scary to think that the WhatApp messages we receive may not actually be real.
It turns out that Check Point Research uncovered several vulnerabilities in the popular messaging platform during the Black Hat 2019 conference. These flaws are so bad that bad actors are able to manipulate chat messages on the Facebook-owned platform. This opens the door for malicious messages and fake news to spread wide given that there are over 1.5 billion WhatsApp users.
According to Check Point Research, there are three possible methods of attack that exploit this vulnerability.
- Use the ‘quote’ feature in a group conversation to change the identity of the sender, even if that person is not a member of the group.
- Alter the text of someone else’s reply, essentially putting words in their mouth.
- Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it is visible to everyone in the conversation.
Now to date, WhatApp has fixed the 3rd vulnerability but we are not out of the woods yet because the first two vulnerabilities are not plugged just yet.
There are unfortunately no real resolutions to this problem so in the meantime we should take the messages sent over WhatsApp with a healthy dose of salt.