Security experts have warned that WhatsApp messages can be altered without the user's knowledge due to a flaw in the messaging app's systems.
Researchers from Check Point have revealed that vulnerabilities in WhatsApp could allow hackers to gain access to a user's conversations and alter the content within.
The flaw, published at the Black Hat security conference in Las Vegas, could affect both private and public chats, potentially leading to the spread of false information or “fake news” by what were thought to be trusted sources.
- WhatsApp attack allowed hackers to install surveillance tech
- Facebook is integrating WhatsApp, Instagram and Messenger
- Android smartphones can be hacked over Wi-Fi
Check Point says that it found three different potential ways to alter WhatsApp conversations, all of which can be exploited using a particular tool that affects the app's quoting feature.
The first flaw looks to change how a message's sender is identified, allowing hackers to mis-attribute a message, with the second allowing third parties to change the text of a user's reply.
Also uncovered was a flaw that allows a user to send a private message to another group participant disguised as a public message to all – meaning that when the targeted individual responded, their reply was visible to everyone in the conversation.
Check Point says this third flaw has now been addressed, and it is working with WhatsApp to tackle the others.
“We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp,” a Facebook spokesperson told TechRadar Pro.
“The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private – such as storing information about the origin of messages.”
- Best free anti malware software of 2019