Hackers can send WhatsApp fake messages on behalf of users. This seems like you have said something that you never sent yourself, researchers discovered.
Hackers sending Fake messages in WhatsApp under your name
Security researchers from Check Point Software Technologies have found the leak of the generally well-secured WhatsApp, CNET reports. Because a hacker must take part in the chat in order to be able to execute the hack, group calls are particularly susceptible to the hack.
The researchers have found three different ways in which the hack is performed:
- As soon as someone answers in a group conversation, the hacker changes the text. Words are then placed, as it were, in the mouth of the victim.
- By answering via the quote reply function, hackers change the identity of the person who sent the original message or the content of the message. This makes it seem like the message comes from someone who is not in the group. With this they can, for example, accuse people of failing to comply with agreements that have never been made.
- A hacker sends a private message on your behalf to another participant of the group conversation, but in fact, it is a disguised group message. If the ‘victim’ responds, his/her reaction is visible to everyone in the group. Dangerous if you are lured out of the tent to respond to a mean gossip.
With these practices, the hackers can cause serious damage to relationships, friendships or careers. WhatsApp automatically encrypts all content that is sent via the message app. To change messages, these encrypted messages are dismantled by the malicious hackers.
WhatsApp recognizes security vulnerability
The security experts at Check Point have informed WhatsApp of the leak. WhatsApp recognizes the system error. However, a spokesperson says that the hack has nothing to do with the end-to-end encryption, but with the design framework of the app. WhatsApp accounts that are caught on such hacking activities are blocked.
Earlier, WhatsApp has already taken security measures to reduce the number of fake messages and spam sent via the app. The company has introduced a new forwarding function for this purpose.