WhatsApp flaw lets hackers intercept and manipulate messages
Check Point report warns that WhatsApp could be used to spread fake news in chats.
WhatsApp users have been warned to be vigilant against a new security flaw that could allow outsider to intercept and alter messages.
Researchers from security firm Check Point found that hackers could be able to take advantage of a vulnerability in WhatsApp's security protocols to change the content of a message.
Such a tactic could be hijacked in order to spread the reach of fake news stories across the world, Check Point warns.
- Avoid the block - see how to use WhatsApp in China
WhatsApp fake news flaw
WhatsApp has over 1.5 billion users worldwide, with over 65 billion messages sent every day, providing a huge potential attack vector for criminals looking to take advantage of this flaw.
The vulnerability concerns WhtasApp's encryption process, which is meant to protect every message, picture, call, video or other content sent in chats.
However when decrypted, the Check Point team realised that the protocols being used by WhatsApp could be converted and accessed, allowing them to see exactly what rules were being used, and also to change them to their liking.
This could allow hackers to alter the text of someone else’s reply to a group chat, essentially putting words in their mouth, or use the ‘quote’ feature in a group conversation to change the identity of the sender.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Hackers could also send a private message to another group participant disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.
Check Point, which says it has alerted WhatsApp of the flaw, is urging users to be vigilant around the content of their messages, noting that, "if something sounds to good to be true, it usually is."
Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.