A flaws has been discovered in WhatsApp, that allows scammers or hackers to alter your messages. This was discovered by a cyber-security firm, who revealed that the vulnerability so far allows for three possible attacks. This vulnerability, includes; Changing a reply from someone, Quoting a message in a reply to a group conversation to make it appears as if it came from a person who is not even part of the group, and finally, Sending a message to a member of a group that pretends to be a group message but is in fact only sent to this member, but the member’s response will be sent to the entire group.
Although WhatsApp acknowledged that anyone can manipulate the Quote feature, but has failed to admit this as a flaw. The platform says it working to find and remove anyone using a fake application to spoof the service. WhatsApp says that 90 percent of all messages are exchanged one-on-one. It also revealed that majority of groups consist of six people or less thus making it less likely that an unknown person can infiltrate a conversation with an aim to trick other users in the group. WhatsApp says fixing the issue are not worth trying.
Oded Vanunu, Check Point’s Head of Product Vulnerability Research said:
Given WhatsApp’s prevalence among consumers, businesses, and government agencies, it’s no surprise that hackers see the application as a five-star opportunity for potential scams. As one of the main communication channels available today, WhatsApp is used for sensitive conversations ranging from confidential corporate and government information, to criminal intelligence that could be used in a court of law.
Carl Woog, a spokesman for WhatsApp, in a statement said:
We carefully reviewed this issue and it’s the equivalent of altering an email. What Check Point discovered had nothing to do with the security of WhatsApp’s so-called end-to-end encryption, which ensures only the sender and recipient can read messages.