An Israeli cybersecurity firm Check Point Research has discovered flaws in WhatsApp that can let hackers literally put “words in your mouth.” Check Point Security, in a press release on Wednesday, said that these flaws could enable attackers to spread rumors and misinformation from what appear to be trusted sources.
Check Point Research has discovered three flaws in WhatsApp’s system.
• One flaw can enable an attacker to use the “quote” feature in a public WhatsApp group and change the appearance of the identity of the sender.
• Another flaw can let an attacker change the text of a person’s reply.
• And because of another flaw, a hacker can send a private message to an individual that can appear like a public message to the individual. And once the individual replies to the message, the message becomes visible to everyone.
The last flaw has been fixed, but the former two still prevail. WhatsApp has declined to make any comment regarding the matter.
Check Point Research discovered the flaws is by reversing WhatsApp’s encryption algorithm. Cyber Point Research reversed the algorithm and decrypted that data. After doing this, the company could view all the parameters sent between the web and WhatsApp’s mobile version.
That is, if a hacker wishes to change the text of your messages, he can undertake the following steps.
o Capture your message from WhatsApp
o Decrypt the data
o Alter the texts of the message to whatever he desires to send
o And again encrypt back
The messaging app WhatsApp owned by the Facebook owner Mark Zuckerberg is very popular. Discovery of such flaws in its system as serious as it has more than 1.5 billion users in 180 different countries around the world. An average user checks WhatsApp 23 times a day. So the potential to spread online rumors and misinformation is quite high.