Facebook-owned WhatsApp is one of the most commonly used messenger application all over the world with over 1 billion users. However, researchers from CheckPoint (Israeli cybersecurity specialist) have discovered a major bug in this messaging application, which allows attackers to read and modify messages sent in a group or a private conversation.
According to CheckPoint, this vulnerability in WhatsApp’s encryption method allows attackers to modify messages and user identities in group chats. They are also concerned about massive manipulation of false rumors by taking advantage of this error, mostly in countries like India and Brazil. In a blog post, CheckPoint researchers explained how hackers can take advantage of this error to modify existing replies that were received in a group chat, so it appears that it came from another user who may or may not be part of the group.
What Can an Attacker Do?
Researchers from CheckPoint observed three possible methods of exploiting this vulnerability – which involves hacking skills to fool end-users. A hacker can:
- Use the ‘quote’ feature in a group conversation to change the identity of the sender, even if that person is not a member of the group.
- Alter the text of someone else’s reply, essentially putting words in their mouth.
- Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.
How Does the Attack Work?
WhatsApp encrypts every message or any other type of content, so first researchers had to decrypt the network request. Since the messages between users are secure, a local client still needs to decrypt the message. So the researchers decided to try to reverse engineer WhatsApp’s algorithm to decrypt the data. After decrypting, they founded the variable used by WhatsApp when a message is sent. Then they manipulated the variables in order to see the actual parameters that are sent and manipulate them in order to check WhatsApp’s security. For further Demonstration
You can also check the video below created by CheckPoint researchers, demonstrating the attacks in action.
Regarding this issue, WhatsApp said that they had examined this issue carefully and they are working on it in a very serious way. WhatsApp has also said that they are taking the challenge of false rumors seriously, and recently integrated a limit in the message chains and modified the chat groups”. If you are a WhatsApp user, then stay tuned with us to get further updates.