Are you using WhatsApp?
If you are one of the over a billion digital citizens across the world using WhatsApp, the world’s most popular messaging platform, then be warned that your messages can be intercepted and manipulated by a threat actor who is out on a mischief.
It’s because – as reported by Check Point Software Technologies Ltd. – WhatsApp has been found to have a weak spot that renders s it susceptible to hacking. Check Point is an Israeli firm that focused, among others, on IT security.
McGallen and Bolden Asia noted that there are over one billion people who use WhatsApp monthly as their primary messaging platform.
WhatsApp, like other messaging platforms, it said, has “frequent and continuous improvements” for users’ better experience and more importantly for their security.
But the platform “is not immune from flaws, just as any complex software are (as shown by the countless vulnerabilities and flaws by all software today, whether desktops, servers, mobiles or IoT (Internet of Things).”
Hackers don’t do it for fun, right?
The cyber bad guys most likely do it for money; other threat actors do it too to steal a country’s secrets for political purposes. And threat actors can be an individual, a group, a government, a nation.
According to Hui Peng of McGallen and Bolden, Check Point has reported a “disturbing revelation” uncovered by its researchers concerning WhatsApp.
“Check Point Software researchers uncovered a flaw in WhatsApp that hackers can use to intercept and manipulate messages sent by people in a group or private conversation, perhaps for fake news dissemination or other deception,” he said.
A look at the report showed the vulnerabilities in WhatsApp could be leveraged as a vehicle to spread scams and fake news.
The Israeli tech company said that through the flaw its researchers uncovered, “attackers can put themselves in a position of immense power to not only steer potential evidence in favor but also create and spread misinformation.”
There are three ways the vulnerability can be a point of attacks, such as:
- Changing a reply from someone to put words into their mouth that they did not say.
- Quoting a message in a reply to a group conversation to make it appear as if it came from a person who is not even part of the group.
- Sending a message to a member of a group that pretends to be a group message but is in fact only sent to this member. However, the member’s response will be sent to the entire group.
Putting into practice the process of Responsible Disclosure, the researchers’ team headed by Oded Vanunu, Check Point’s head of Product Vulnerability Research, communicated their findings to WhatsApp. “We believe these vulnerabilities to be of utmost importance and require attention,” the team said.
Moreover, Vanunu said WhatsApp’s popularity makes it potential for scams.”Given WhatsApps’ prevalence among consumers, businesses, and government agencies, it’s no surprise that hackers see the application as a five-star opportunity for potential scams. As one of the main communication channels available today, WhatsApp is used for sensitive conversations ranging from confidential corporate and government information to criminal intelligence that could be used in a court of law,” he said.
Read Also: Our Phones Affect Our Relationships
Check Point said the instant messaging platform, which is owned by Facebook, has at present more than 1.5 billion users, has over one billion groups, and with a traffic of 65 billion messages transmitted every day.
But it has also been a platform for various scams, like a fake supermarket, airline giveaways, and election tampering because threat actors have countless ways to manipulate unsuspecting users, the tech company said.