WhatsApp flaw lets hackers alter your messages and completely change the words you sent

A glitch in the code of WhatsApp could let hackers alter your messages and change the words you have sent, cybersecurity researchers have found.

Attackers using the flaw could alter text from quoted messages and manipulate the thread of a conversation, experts claim.

They could even make it look as if the sender said something they didn’t say, by putting a different name above the comments made. 

Scroll down for video 

Risk: Hackers can alter the text within quoted messages, manipulating the thread of a conversation - and even making it look as if the sender said something they didn't

Risk: Hackers can alter the text within quoted messages, manipulating the thread of a conversation - and even making it look as if the sender said something they didn't

Risk: Hackers can alter the text within quoted messages, manipulating the thread of a conversation – and even making it look as if the sender said something they didn’t

WHAT HAVE FACEBOOK SAID? 

‘We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp.

‘The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write. 

‘We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private, such as storing information about the origin of messages.”

The flaw was demonstrated by cybersecurity firm Check Point Research, who warned that ‘malicious actors’ may use the glitch to spread misinformation and fake news. 

The team detailed the hack at the Black Hat cyber-security conference in Las Vegas, Nevada, on Tuesday.

There, they screened a video which illustrated how easily a message can be doctored. 

Worse still, they claim Facebook bosses were made aware of the issue last year, but are yet to resolve it.  

‘Towards the end of 2018, Check Point Research notified WhatsApp about new vulnerabilities in the popular messaging application that would enable threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers the power to create and spread misinformation from what appear to be trusted sources,’ they said on their site.

‘We believe these vulnerabilities to be of the utmost importance and require attention.’  

Before: Here, the team at Check Point Research illustrate the glitch by depicting a conversation between an employee and their manager

Before: Here, the team at Check Point Research illustrate the glitch by depicting a conversation between an employee and their manager

Before: Here, the team at Check Point Research illustrate the glitch by depicting a conversation between an employee and their manager 

After: They

After: They

After: Here, the message from the boss has been doctored – a clear example of how ‘malicious actors’ can use the flaw to spread misinformation and fake news

One-way conversation: The glitch allows people to send themselves messages on behalf of someone else

One-way conversation: The glitch allows people to send themselves messages on behalf of someone else

Talking to yourself: WhatsApp users can give the illusion of conversing with another person

Talking to yourself: WhatsApp users can give the illusion of conversing with another person

Fake views: The glitch also allows people to send themselves messages on behalf of someone else, effectively creating what appears to be a two-way conversation

Unfortunately, they disagreed – and only fixed another error, which allowed people to send a private message to another group participant, disguised as a public message. 

‘We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp,’ a spokesperson told Forbes.

‘The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write.

‘We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private, such as storing information about the origin of messages.’

MailOnline have contacted a Facebook – the company who now own WhatsApp – representative for comment, but they are yet to respond. 

Details of the flaw are published on the Check Point Research site.

Link hienalouca.com

(Просмотров всего: 11 Время, 1 визитов за день)

Leave a Reply

Your email address will not be published. Required fields are marked *