was finally released to address the issue of fake news.
Cybersecurity researchers have reported another concern pertaining to WhatsApp where user messages can be manipulated. An Israel-based cybersecurity firm, Checkpoint has also created a tool that can alter quotes and make it look like the sender has wrote something that they didn’t.
The security vulnerability in WhatsApp allows hackers to exploit the flaw to embed malware into user devices. According to the researchers, WhatsApp was informed about the issue in August last year and the company addressed only some of the vulnerabilities and is yet to deliver a complete fix.
WhatsApp is the most popular messaging platforms in India and has over 400 million users. The end-to-end encryption has made it harder for Facebook or even law enforcements to monitor and verify the authenticity of the messages.
Checkpoint’s Burp Suit Extension demonstrated at the conference that the tool breaks encryption barrier to decrypt chat messages and make them open to manipulation. For the demonstration, researchers used a web version of WhatsApp to allow users to pair their phones using a QR code.
An official statement from a Facebook spokesperson says, “We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp. The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private — such as storing information about the origin of messages.”
As WhatsApp is fast-becoming a major platform for news consumption and distribution, the exploit can have serious ramifications.