A new vulnerability has emerged in WhatsApp encryption that allows attackers to change messages and user identities in group chats. This could be devastating as attackers may cause harm by sending deceptive and false texts that are not related to you. We have already seen how fake messages spread on WhatsApp in many countries, forcing the Facebook-owned company to introduce new features to combat intrusive and annoying messages.
Security researchers at Checkpoint Research have discovered a security vulnerability in the WhatsApp application, explaining how the “quote” feature can be used to modify existing replies in a group chat to make it appear as if they came from another user, who may or may not be part of the group. This exploit can also be used to send private messages to an individual in a group in a way that is visible to only that person in the group. However, when the targeted individual responds, everyone can see their replies.
Read Also: New WhatsApp Feature Under Testing to Combat Fake News and Spam
How Does the Attack Work?
Since WhatsApp encrypted messages, researchers first had to decrypt the network request, so even though messages between users are secure, the local client still needs to decrypt the message. This is where researchers reversed the encryption. Later on, they decrypted the network requests locally to determine how the connection is made and identify the variables used when sending a message. These variables can be manipulated to modify messages and change the order, making it appear as if they were coming from recipients, mixed up between the receivers. For more information on this attack, watch the video below created by the CheckPoint team.
Read Also: 10 Alternatives to WhatsApp that Truly Respect Your Privacy
