
Many vulnerabilities were revealed at the ongoing Black Hat security conference. Among them are bugs in the WhatsApp application that allow attackers to change the content of messages.

The holes in WhatsApp can be exploited in three possible ways. The most interesting is changing the content of a message that is being sent. As a result, text that the sender didn't actually write will be displayed.

There are two options:

  • An attacker can use the "reply" feature in a group chat to confuse the identity of the message sender, even if the person in question is not in the group chat at all.
  • Furthermore, he can replace the quoted text with any content. It can thus completely overwrite the original message.

In the first case, it is easy to change the quoted text to make it look like you wrote it. In the second case, you do not change the identity of the sender, but simply edit the field with the quoted message. The text can be completely rewritten and the new message will be seen by all chat participants.

The following video shows everything graphically:

Check Point experts also found a way to mix public and private messages. However, Facebook managed to fix this in a WhatsApp update. Conversely, the attacks described above have not been fixed, and Facebook probably cannot even fix them. At the same time, the vulnerability has been known for years.

The error is hard to fix because of the encryption

The whole problem lies in encryption. WhatsApp relies on encryption between the two users. The vulnerability then uses a group chat, where you can already see the decrypted messages in front of you. But Facebook can't see them, so basically it can't intervene.

Experts used the web version of WhatsApp to simulate the attack. This allows you to pair a computer (web browser) using a QR code that you scan with your smartphone.

WhatsApp suffers from security flaws

Once the private and public key are linked, a QR code including a "secret" parameter is generated and sent from the mobile app to the WhatsApp web client. While the user is scanning the QR code, an attacker can seize the moment and intercept the communication.

Once an attacker has details about a person and a group chat, including a unique ID, he can, for example, change the sender identity of sent messages or completely change their content. Other chat participants can thus be easily deceived.
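One way a receiving client could flag the two quote manipulations described above is to compare a reply's quoted block with the copy of the original message it already holds. This is an added example, not WhatsApp or Check Point code; the `Message` and `Quote` fields, the verdict strings and the sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:          # hypothetical record of a message the client already received
    msg_id: str
    chat_id: str
    sender: str
    text: str


@dataclass(frozen=True)
class Quote:            # hypothetical quoted block carried inside a reply
    msg_id: str
    sender: str
    text: str


def check_quote(quote, chat_id, members, store):
    """Compare a reply's quoted block with the locally stored original."""
    original = store.get(quote.msg_id)
    if original is None or original.chat_id != chat_id:
        # No local copy to compare against (e.g. joined the group later).
        if quote.sender not in members:
            return "sender-not-in-group"
        return "unverifiable"
    if original.sender != quote.sender:
        return "sender-mismatch"
    if original.text != quote.text:
        return "text-mismatch"
    return "ok"


# Constructed sample data, not real identifiers.
CHAT = "group-1"
MEMBERS = {"alice", "bob", "carol"}
STORE = {"m1": Message("m1", CHAT, "alice", "Lunch at noon?")}

if __name__ == "__main__":
    samples = [
        Quote("m1", "alice", "Lunch at noon?"),         # honest reply
        Quote("m1", "alice", "I quit, effective now"),  # rewritten quote text
        Quote("m1", "bob", "Lunch at noon?"),           # wrong sender on the quote
        Quote("m9", "mallory", "Send me the file"),     # quoted sender not in the group
        Quote("m9", "carol", "See you there"),          # no local copy of the original
    ]
    for q in samples:
        print(q.msg_id, q.sender, "->", check_quote(q, CHAT, MEMBERS, STORE))
```

The "unverifiable" verdict covers participants who never received the original, which is the case where a fabricated quote cannot be told apart from a real one.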

There is very little risk involved in normal conversations between two parties. But the bigger the conversation, the harder it is to keep track of the messages and the easier it is for a fake message to look like the real thing. So it's good to be careful.

Source: 9to5Mac
