WhatsApp hacking trick manipulates messages in group chats
Security researchers discovered a flaw that lets hackers intercept and manipulate messages, saying WhatsApp should deal with it with the 'utmost importance'
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A major flaw with WhatsApp's messaging app and web platform has been discovered that allows hackers to intercept and manipulate messages sent in a group chat.
Researchers at cyber security firm Check Point uncovered the vulnerability, which they published in a detailed blog post describing how the technique could be used to spread misinformation.
If carried out successfully, hackers would be able to use the exploit to alter the text of someone's reply in a group chat on WhatsApp and use the 'quote' feature to change the identity of a sender in a group conversation.
"We believe these vulnerabilities to be of the utmost importance and require attention," researchers Dikla Barda, Roman Zaikin and Oded Vanunu said in their findings.
"[They give] attackers immense power to create and spread misinformation from what appear to be trusted sources."
The Check Point researchers have informed WhatsApp of the vulnerability, though no one from the messaging app was available for comment.
A video detailing how the "FakesApp" vulnerability works was also published by Check Point.
WhatsApp, which has over 1.5 billion users worldwide, has increasingly become a target for hackers and scammers seeking to exploit the vast user base.
Last month, false rumours spread through the messaging app resulted in a series of lynchings and murders in India.
The latest vulnerabilities to be discovered provoked warnings from cyber security experts that more needs to be done to protect the users of these platforms.
"It's so easy to imagine how being able to imitate our friends and family members like this could cause havoc and enable bad guys to trick us into doing all sorts of things, and undermine not just chats but everything from the way we bank to the way we shop," Kevin Bocek, chief cyber security strategist at software firm Venafi, told The Independent.
"There is nothing we as consumers can do about this flaw – it’s up to companies to make sure they’re protecting all machine identities and how they are used in order to prevent these vulnerabilities and exploits from happening."
The Check Point researchers advised WhatsApp users to be cautious about potential deceptions, going as far as to say social media websites and apps should not be used as a source for news.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments