WhatsApp Vulnerability Allows Hackers to Manipulate Messages

A noteworthy WhatsApp vulnerability allows malicious users to infiltrate group chats and manipulate the messages of individual users. The hackers can take advantage of the malware method and abuse it to intercept and change contents of messages sent in private conversations or large group chats.

Vector Attribution: FreePik

Hackers Can Manipulate Group Chats Via WhatsApp Vulnerability

The WhatsApp messenger client has been plagued by security bugs for quite some time, one of the recent issues has been the cause of concern to security experts. It appears that due to multiple weaknesses hackers can take advantage of the chats — both private ones and in groups. This particular weakness may be a follow-up to the bugs discovered in the app back in January this year.

The criminals abuse the quote feature used in group conversations in order to cause a multitude of malware actions:

  • The hackers can change the identity of the senders of a specified message.
  • A contents of someone’s reply can be modified.
  • A private message can be sent to a specific group participant disguised as a group message.

The security researchers note that the vulnerability does not allow a third person to intercept or change the sent messages. As such the malware changes can only be exploited by users that are part of a group. The bugs can be exploited using various approaches, the proof-of-concept model uses a custom extension for a popular web security software (Burp Suite) which was used for demonstration purposes. The findings showcase that using this method the attackers have the ability to intercept and modify the encrypted messages using the Whatsapp Web interface.

The tool is available for free on GitHub at the moment and it can be used when the associated public (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/whatsapp-vulnerability-hackers-manipulate-messages/