Sci-tech

WhatsApp's Security Flaw Can Allow Hackers To Manipulate Your Messages

WhatsApp's Security Flaw Can Allow Hackers To Manipulate Your Messages”

WhatsApp has refused to fix a security flaw that allows hackers to spoof messages and make it look as if they are coming from someone else, nearly a year after a cybersecurity company warned that it could permit the spread of misinformation and fake news.

Check Point disclosed the flaws at the Black Hat 2019 security conference in Las Vegas, but it's worth noting that Facebook was notified sometime around the end of 2018, and has only managed to fix one of the three vulnerabilities - the one where you can be fooled into mixing public and private messages.

WhatsApp's "protobuf2 protocol" was converted to JSON to find out how the messages could be manipulated.

WhatsApp rejected the Check Point study saying the hacks were not a vulnerability with the security protocols of the instant messaging app.

According to the researchers, the vulnerability would enable threat actors to intercept and manipulate messages sent in private and also in the group.

In particular, the encryption technology used by WhatsApp made it extremely hard - perhaps impossible - for the company to monitor and verify the authenticity of messages being sent by users. This was done by reversing WhatsApp's decryption algorithm data. The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn't write. In June, WhatsApp was criticized as the source of fake news circulating around the India, Brazil, Kenya, and the UK.

The latest study reveals a complex but feasible method for hackers to conduct frauds through WhatsApp.

More news: Frontier Airlines giving away free flights to people named 'Green' or 'Greene'

The first flaw looks to change how a message's sender is identified, allowing hackers to mis-attribute a message, with the second allowing third parties to change the text of a user's reply.

In a statement to IANS, a Facebook spokesperson said it reviewed the issue a year ago and found that it was "false to suggest there is a vulnerability with the security we provide on WhatsApp".

The Facebook-owned messaging app has more than 1.5 billion users and is used in 180 countries around the world; the average user checks the app 23 times a day. The vulnerability relies on the fact that a participant in the group can, of course, access the decrypted version of the messages.

"This does not mean that users should stop using WhatsApp".

"Yet, users should be very careful when contributing to group chats".

Rahul Tyagi, Co-founder, Lucideus said, "WhatsApp can prevent this by addressing the vulnerabilities and fixing them which WhatsApp denied the existence of".



Like this

loading...
loading...

Latest


09 August 2019
Detroit man deported to Iraq by Trump administration dies without insulin
His criminal history ultimately led to him being incarcerated and transferred to ICE custody in the early 2000s, Bajoka said . We think now they'll understand that this is life or death for people. 'We must change our policies to keep people safe'.

09 August 2019
Victoria's Secret Sent An Open Letter By High Profile Models Surrounding Abuse
Together, we can lead the industry to RESPECT. (Sampaio also created history as the first transgender model to appear on Vogue Paris ' cover in 2017).

09 August 2019
Ashes 2019: Harris points finger at Anderson over fitness call
James Anderson broke down after just four overs at Edgbaston and did not bowl again as Australia romped to a 251-run victory.

09 August 2019
Misuse of land and agriculture is driving climate change
Land use and changes in land use have been an integral part of the conversation on climate change. Add in transporting food, energy costs, packaging and that grows to 37 percent, the report said.

09 August 2019
Apple faces investigation for suspected unfair competition in Russian Federation
The Wall Street Journal had mounted a study with antitrust contention on such alleged favoritism in the Apple app store. At the same time, Apple introduced its own Screen Time iOS application, also functioning as a parental control program.

09 August 2019
Venice outlaws large ships from historic centre
In response to the crash, thousands of people marched in Venice to demand that cruise ships be kept out of the lagoon. The city receives between 25 to 30 million visitors each year, 14 million of them staying for just one day.

09 August 2019
No Man's Sky Beyond Introduces Multiplayer Social Space, the Nexus
Almost eight years ago, with a love of sci-fi, we started writing the very first lines of code on what would become No Man's Sky . When we made No Man's Sky , we always wanted it to feel like you had stepped into the cover of a science fiction novel.

09 August 2019
'Honey Boy' trailer features Shia LaBeouf playing his own father
Today, with the release of Honey Boy's first trailer, it feels like the prologue to emotional devastation. Slightly older Otis is portrayed by none other than Lady Bird and Boy Erased star Lucas Hedges .

09 August 2019
You can now discover and listen to podcasts in Google Search
Not only this, publishers will have the option to choose a playback app or third-party website that will appear in search results. After it has been added, you'll be able to search podcasts using your smart speakers or using Google Assistant on your phone.

09 August 2019
Missing orcas declared dead
The Center for Whale Research said J17 wasn't in good condition last winter, and researchers assumed it was because of stress. According to the Center for Whale Research, J17 is a 42-year-old matriarch from J-pod.