Saturday, May 24, 2025
34.8 C
Singapore

According to a cybersecurity firm, WhatsApp flaws allow hackers to alter messages

- Advertisement -

Israeli cybersecurity firm Check Point Software Technologies has identified flaws in the popular messaging app WhatsApp that could allow hackers to manipulate messages in both public and private conversations.

This raises the prospect of misinformation being spread by what appears to be trusted sources.

The company provides security for computer networks and it said its researchers found three potential ways to alter conversations.

Using the ‘quote’ feature in a group conversation, the hacker can change the appearance of the identity of a sender.

- Advertisement -

Another way is to let the hacker change the text of someone else’s reply.

And the third, which has been fixed, is to let a person send a private message to another group participant disguised as a public message to all, so when the targeted individual responds, it is visible to everyone in the conversation.

Check Point’s head of products vulnerability research Oded Vanunu said these hacks can have significant consequences with WhatsApp having about 1.5 billion users and it is used for personal conversations, business communications and political messaging.

See also  Canada border agent says mistakenly handed Huawei exec's passcodes to police

The company contacted WhatsApp, which is owned by Facebook about the flaws late last year.

- Advertisement -

Only one of the flaws, disguising a private message as one that becomes visible to an entire group has been addressed.

Vanunu said Check Point is working with WhatsApp but the other problems are difficult to solve because of the messaging app’s encryption.

In May, WhatsApp revealed a vulnerability in its system that could have allowed hackers access to its users’ phones.

The encrypted messaging service said at that time it had discovered and fixed the vulnerability the attackers had sought to exploit.

- Advertisement -

Media sources then said it is a company that was responsible for the hacking. They named the company saying it is an Israeli outfit (not the same company mentioned above) that developed a powerful piece of malware designed to spy on victims.

In this instance, hackers could implant malicious code on a victim’s phone by placing a voice call to the victim on WhatsApp.

See also  Gen Z drives GenAI adoption in Southeast Asia and Hong Kong, outpacing global average

The victims may not even have needed to answer the call for their phone to be infected, CNN reported.

- Advertisement -

Hot this week

Ambitious finance professionals in Asia Pacific eye entrepreneurship as career shift looms

ASIA-PACIFIC: Singapore’s accounting and finance sectors are experiencing a...

LaLa Hsu’s ‘Sometimes, Less is More’ Concert Tour in Singapore is coming this August

SINGAPORE: LaLa Hsu, the Golden Melody award winner, multi-talented...

Yee Jenn Jong responds to NCMP criticism, clarifies Workers’ Party position

SINGAPORE: Former Non-Constituency Member of Parliament (NCMP) and Workers’...

Buried in bureaucracy: How cemetery workers lost their only way around

SINGAPORE: The quiet paths of Lim Chu Kang Muslim...

Popular Categories