A cybersecurity firm has claimed to have identified a flaw in WhatsApp that lets hackers manipulate both public and private conversations. Israel-based Check Point Software, which provides security for computer networks, said it discovered three potential ways of altering conversations on WhatsApp. And while WhatsApp has been notified of the flaw, only one of them has been fixed and addressed.
According to Check Point’s research hackers could manipulate text messages using ‘quote’ feature to change the name and appearance of the sender on WhatsApp. Any malicious party could also change a reply received from another contact, while a third method let hackers send private messages disguised as a public message to all individuals in a WhatsApp group chat. This means the reply becomes visible to everyone in the conversation, even though it was intended to be private.
Check Point said it reported the vulnerabilities to WhatsApp and only the last of the three flaws have been addressed and fixed. The company is still working with WhatsApp to get the other vulnerabilities block, but it’s proving challenging because of WhatsApp’s encryption.
With a good user interface and less data requirement, the app has successfully managed to gain 1.5 Bn monthly active users, including 400 Mn in India. However, the messaging and payments platform has been making the headlines for its use in spreading fake news across the globe, and these vulnerabilities certainly won’t make things easier for the platform
WhatsApp has also had trouble with the Indian government for not controlling the spread of fake news through its platform. However, a report released by AudienceNet said that around 80%, out of a sample size of 1,520 urban Indian aged 18 years and above, trusted WhatsApp with their data, despite its role mob-lynching cases in India.
The company has been aggressively trying to curb the spread of fake news on its platform by rolling out additional features like ‘forward’ tags for forwarded messages and limited the forwards to only five chats. This month, it came up with ‘Frequently Forwarded’ feature, which tells the user if a message has been forwarded multiple times.