Hackers could be able to doctor WhatsApp messages due to a flaw in the messaging app's security protection, experts have warned.
Researchers from Check Point have revealed that vulnerabilites in WhatsApp could allow hackers to gain access to a user's conversations and alter the content within.
The flaw, published at the Black Hat security confernce in Las Vegas, could affect both private and public chats, potentially leading to the spread of false information or "fake news" by what were thought to be trusted sources.
- WhatsApp attack allowed hackers to install surveillance tech
- Facebook is integrating WhatsApp, Instagram and Messenger
- Android smartphones can be hacked over Wi-Fi
Doctored
Check Point says that it found three different potential ways to alter WhatsApp conversations, all of which can be exploited using a particular tool that affects the app's quoting feature.
The first flaw looks to change how a message's sender is identified, allowing hackers to mis-attribute a message, with the second allowing third parties to change the text of a user's reply.
Also uncovered was a flaw that allows a user to send a private message to another group participant disguised as a public message to all – meaning that when the targeted individual responded, their reply was visible to everyone in the conversation.
Check Point says this third flaw has now been addressed, and it is working with WhatsApp to tackle the others. WhatsApp has yet to comment on the news, but the company has faced criticism recently for failing to halt the spread of fake news on its service.
The app has over 1.5 billion users worldwide, meaning it has a huge possible customer base that could be affected by the flaws.
- Empty list
Via BBC