Filipino users of WhatsApp at risk from hackers’ attacks

Are you using WhatsApp?

If you are one of the over a billion digital citizens across the world using WhatsApp, the world’s most popular messaging platform, then be warned that your messages can be intercepted and manipulated by a threat actor who is out on a mischief.

It’s because – as reported by Check Point Software Technologies Ltd. – WhatsApp has been found to have a weak spot that renders s it susceptible to hacking. Check Point is an Israeli firm that focused, among others, on IT security.

McGallen and Bolden Asia noted that there are over one billion people who use WhatsApp monthly as their primary messaging platform.
WhatsApp, like other messaging platforms, it said, has “frequent and continuous improvements” for users’ better experience and more importantly for their security.

But the platform “is not immune from flaws, just as any complex software are (as shown by the countless vulnerabilities and flaws by all software today, whether desktops, servers, mobiles or IoT (Internet of Things).”

Read Also: With Global Giant Amazon Operating in the PH, Retail Chains Must Up Their Game

Hackers don’t do it for fun, right?

The cyber bad guys most likely do it for money; other threat actors do it too to steal a country’s secrets for political purposes. And threat actors can be an individual, a group, a government, a nation.

According to Hui Peng of McGallen and Bolden, Check Point has reported a “disturbing revelation” uncovered by its researchers concerning WhatsApp.

“Check Point Software researchers uncovered a flaw in WhatsApp that hackers can use to intercept and manipulate messages sent by people in a group or private conversation, perhaps for fake news dissemination or other deception,” he said.

A look at the report showed the vulnerabilities in WhatsApp could be leveraged as a vehicle to spread scams and fake news.

The Israeli tech company said that through the flaw its researchers uncovered, “attackers can put themselves in a position of immense power to not only steer potential evidence in favor but also create and spread misinformation.”

There are three ways the vulnerability can be a point of attacks, such as:

  • Changing a reply from someone to put words into their mouth that they did not say.
  • Quoting a message in a reply to a group conversation to make it appear as if it came from a person who is not even part of the group.
  • Sending a message to a member of a group that pretends to be a group message but is in fact only sent to this member. However, the member’s response will be sent to the entire group.

Putting into practice the process of Responsible Disclosure, the researchers’ team headed by Oded Vanunu, Check Point’s head of Product Vulnerability Research, communicated their findings to WhatsApp. “We believe these vulnerabilities to be of utmost importance and require attention,” the team said.

Moreover, Vanunu said WhatsApp’s popularity makes it potential for scams.”Given WhatsApps’ prevalence among consumers, businesses, and government agencies, it’s no surprise that hackers see the application as a five-star opportunity for potential scams. As one of the main communication channels available today, WhatsApp is used for sensitive conversations ranging from confidential corporate and government information to criminal intelligence that could be used in a court of law,” he said.

Read Also: Our Phones Affect Our Relationships

Check Point said the instant messaging platform, which is owned by Facebook, has at present more than 1.5 billion users, has over one billion groups, and with a traffic of 65 billion messages transmitted every day.

But it has also been a platform for various scams, like a fake supermarket, airline giveaways, and election tampering because threat actors have countless ways to manipulate unsuspecting users, the tech company said.

EDD K. Usman
EDD K. Usman: 1st winner of “Best Science Feature Story” of 2018 UP Science Journalism Award on February 17; winner in June 2014 for Print Media in Kabalikat Award Media Category of PCIEERD-DOST Science Journalism Award; alumnus of United States’ East-West Center 2008 Senior Journalists Seminar; participant of South Korea 2000 Executive Seminar for Information Technology Journalists; senior journalist at Manila Bulletin until April 15, 2016; stringer/contributor at present for Rappler, Newsbytes.ph, Claire Delfin Online Magazine, Malaya Business Insight, Agriculture Magazine (of Manila Bulletin), and U.S.-based Philippine News. Traveled on assignment abroad more than 30 times. Reports about SciTech, IT, ICT, Current Events, and many other subjects under Heaven.

Leave a Reply