WhatsApp flaw allows hackers to manipulate messages: Cybersecurity firm – CNA

68
173
WhatsApp flaw allows hackers to manipulate messages: Cybersecurity firm – CNA

World

FILE PHOTO: The WhatsApp messaging application is seen on a phone screen

FILE PHOTO: The WhatsApp messaging application is seen on a phone screen August 3, 2017. REUTERS/Thomas White/File Photo


(Updated: )

NEW YORK: New vulnerabilities found in messaging app WhatsApp can be used by hackers to manipulate and intercept messages between users, a cybersecurity firm found.

Israeli company, Check Point Research, said in an email release on Thursday (Aug 8) that it highlighted the flaws to WhatsApp towards the end of 2018.

WhatsApp messages are encrypted so that they can only be seen by the recipient.

But the cybersecurity firm said its researchers managed to create a tool that allowed them to “decrypt WhatsApp communication and spoof the messages”.

“By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This enabled us to then manipulate them and start looking for security issues,” the firm said.

Check Point researchers found three potential ways to alter messages and these were revealed during a presentation at the annual Black Hat security conference in Las Vegas on Wednesday.

One of the methods involved the use of the “quote function” in a group conversation to change the sender’s identity.

“In this attack, it is possible to spoof a reply message to impersonate another group member and even a non-existing group member,” the firm said.

Hackers can also change the text of someone’s reply and send private messages disguised as public messages to members of a group chat, so the target’s response is visible to all the participants in the conversation.

“By doing so, it would be possible to incriminate a person, or close a fraudulent deal, for example,” the firm said.

A third vulnerability that has been fixed according to the firm involved allowing private messages sent to group members to be disguised as public. 

“The three methods involve social engineering tactics to fool end-users,” the firm said.

“Instant messaging is a vital technology that serves us day-to-day, we manage our private and professional life on this platform and it’s our role in the infosec industry to alert on scenarios that might question the integrity,” Oded Vanunu, head of products vulnerability research at Check Point, was quoted by Forbes as saying.

68 COMMENTS

  1. … [Trackback]

    […] There you can find 74876 additional Info on that Topic: worldnewsnetwork.co.in/whatsapp-flaw-allows-hackers-to-manipulate-messages-cybersecurity-firm-cna/ […]

  2. I simply want to tell you that I’m new to weblog and absolutely loved you’re web blog. More than likely I’m likely to bookmark your site . You actually have beneficial well written articles. Thanks a bunch for sharing your web-site.

  3. Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You clearly know what youre talking about, why waste your intelligence on just posting videos to your weblog when you could be giving us something enlightening to read?

  4. You really make it seem so easy with your presentation but I find this topic to be actually something that I think I would never understand. It seems too complicated and very broad for me. I am looking forward for your next post, I’ll try to get the hang of it!

  5. I and also my buddies were found to be reviewing the excellent tips and tricks on your site and so suddenly I got an awful suspicion I never expressed respect to the web site owner for those tips. All the young boys were as a consequence excited to study all of them and have absolutely been taking advantage of them. We appreciate you getting so helpful and then for figuring out these kinds of ideal subject matter millions of individuals are really eager to discover. Our own sincere apologies for not saying thanks to you sooner.

  6. Have you ever thought about writing an e-book or guest authoring on other websites? I have a blog based on the same information you discuss and would love to have you share some stories/information. I know my readers would enjoy your work. If you’re even remotely interested, feel free to shoot me an e-mail.

  7. Considering another person whom knows about reports, still would not realize how to travel alongside one another? You may be just a friend or relative that does not have any any time to help you relax as well as dwelling and additionally hammer outside phrases even on a key pad.

  8. Its such as you read my thoughts! You seem to grasp a lot about this, such as you wrote the e-book in it or something. I feel that you can do with some % to force the message home a little bit, but other than that, that is fantastic blog. A fantastic read. I will definitely be back.

  9. Thanks for giving your ideas. Something is that scholars have an option between federal student loan and also a private education loan where it really is easier to go for student loan online debt consolidation than through the federal education loan.

  10. Hey, you used to write wonderful, but the last few posts have been kinda boring… I miss your tremendous writings. Past several posts are just a little out of track! come on!

  11. I do trust all of the ideas you’ve offered for your post. They are really convincing and will definitely work. Still, the posts are very quick for novices. Could you please prolong them a bit from next time? Thanks for the post.

  12. It’s actually a cool and useful piece of info. I’m glad that you shared this useful information with us. Please keep us up to date like this. Thanks for sharing.

  13. hello!,I like your writing very a lot! proportion we keep up a correspondence more approximately your post on AOL? I require an expert on this space to unravel my problem. Maybe that’s you! Having a look ahead to peer you.

  14. Thanks for some other wonderful post. Where else may just anyone get that kind of information in such an ideal approach of writing? I’ve a presentation next week, and I’m at the look for such info.

  15. My wife and i ended up being now excited that Albert could conclude his analysis from the ideas he received through the web page. It is now and again perplexing to just always be giving freely facts which usually some people have been trying to sell. We really keep in mind we have got the writer to thank for this. The most important illustrations you have made, the simple blog menu, the relationships your site aid to create – it’s most incredible, and it’s really letting our son in addition to our family consider that this article is exciting, which is certainly exceptionally fundamental. Many thanks for all the pieces!

  16. Great – I should certainly pronounce, impressed with your web site. I had no trouble navigating through all the tabs and related information ended up being truly easy to do to access. I recently found what I hoped for before you know it in the least. Quite unusual. Is likely to appreciate it for those who add forums or anything, website theme . a tones way for your customer to communicate. Nice task..

  17. … [Trackback]

    […] Find More here on that Topic: worldnewsnetwork.co.in/whatsapp-flaw-allows-hackers-to-manipulate-messages-cybersecurity-firm-cna/ […]

  18. I have been exploring for a bit for any high quality articles or weblog posts on this sort of space . Exploring in Yahoo I eventually stumbled upon this website. Reading this info So i am happy to exhibit that I have an incredibly just right uncanny feeling I came upon just what I needed. I most no doubt will make sure to don¡¦t put out of your mind this web site and provides it a look regularly.

  19. Thanks for giving your ideas. Something is that students have a selection between national student loan and a private education loan where it truly is easier to go for student loan debt consolidation than in the federal student loan.

  20. When I initially commented I clicked the -Notify me when new feedback are added- checkbox and now every time a comment is added I get four emails with the same comment. Is there any means you possibly can take away me from that service? Thanks!

  21. Thank you for sharing superb informations. Your website is very cool. I’m impressed by the details that you have on this blog. It reveals how nicely you perceive this subject. Bookmarked this website page, will come back for extra articles. You, my pal, ROCK! I found simply the info I already searched everywhere and just couldn’t come across. What an ideal site.

  22. Hey There. I found your blog using msn. This is an extremely well written article. I will make sure to bookmark it and return to read more of your useful info. Thanks for the post. I will certainly return.

  23. Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You obviously know what youre talking about, why waste your intelligence on just posting videos to your weblog when you could be giving us something enlightening to read?

  24. Great – I should certainly pronounce, impressed with your site. I had no trouble navigating through all the tabs and related info ended up being truly easy to do to access. I recently found what I hoped for before you know it in the least. Quite unusual. Is likely to appreciate it for those who add forums or anything, website theme . a tones way for your client to communicate. Nice task.

LEAVE A REPLY

Please enter your comment!
Please enter your name here