WhatsApp users have been warned to be vigilant against a new security flaw that could allow outsider to intercept and alter messages.
Researchers from security firm Check Point found that hackers could be able to take advantage of a vulnerability in WhatsApp's security protocols to change the content of a message.
Such a tactic could be hijacked in order to spread the reach of fake news stories across the world, Check Point warns.
- Avoid the block - see how to use WhatsApp in China
WhatsApp fake news flaw
WhatsApp has over 1.5 billion users worldwide, with over 65 billion messages sent every day, providing a huge potential attack vector for criminals looking to take advantage of this flaw.
The vulnerability concerns WhtasApp's encryption process, which is meant to protect every message, picture, call, video or other content sent in chats.
However when decrypted, the Check Point team realised that the protocols being used by WhatsApp could be converted and accessed, allowing them to see exactly what rules were being used, and also to change them to their liking.
This could allow hackers to alter the text of someone else’s reply to a group chat, essentially putting words in their mouth, or use the ‘quote’ feature in a group conversation to change the identity of the sender.
Hackers could also send a private message to another group participant disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation.
Check Point, which says it has alerted WhatsApp of the flaw, is urging users to be vigilant around the content of their messages, noting that, "if something sounds to good to be true, it usually is."
