What’s Up with WhatsApp’s Fake Messages?: Have you ever found yourself in trouble by friend’s comment or shocked by the words of your Mom wrote in a group message on WhatsApp? WhatsApp users who have been questioning the content of comments from friends and family that could be victims of a malicious actor, according to the research released by Check Point.
According to the blog post today, the Check Point researchers have successfully discovered a vulnerability in WhatsApp that could allow any attacker to not only intercept the messages but also manipulate them to put fake quotes into someone’s digital mouth.
Thus far, the researchers have found out that there are various attacking methods that an attacker can use to exploiting the vulnerability.
- Changing a reply from someone to put words into their mouth that they did not say.
- Quoting a message in a reply to a group conversation to make it appear as if the message came from a person who is not part of the group.
- Sending to a member of a group a message that looks to be a group message but is in fact only sent to this member. However, the member’s response will be sent to the entire group.
More than 1.5 billion WhatsApp users have reportedly send over 65 billion messages per day. With more than 1 billion groups on the Facebook-owned application, there is a wealth of opportunity for any attacker to have some sort of fun scamming and scrambling the people’s exchange.
Check Point researchers wrote that they followed the process of responsible disclosure to inform WhatApp of the vulnerability they found.
“Given WhatsApp prevalence among consumers, businesses, and government agencies, it’s no surprise that hackers see the application as a five-star opportunity for potential scams,” said Oded Vanunu, the head of products vulnerability research at Check Point.
“As one of the main communication channels available today, WhatsApp is used sensitive conversations, ranging from confidential corporate and government information to criminal intelligence that could be used in a court of law.”