The hackers could modify the messages, publish them in a group supplanting one of the members or send a message to a single user making it go through a group
Israeli cybersecurity specialist CheckPoint announced Wednesday that it discovered a bug in the WhatsApp messaging application, which allows users to read and modify messages sent in a group or a private conversation.
According to CheckPoint, hackers could act in conversations in three different ways : by modifying messages posted by a person, posting a message in a group by posing as one of the participants and sending a specific message to a member of a group by passing it on for a group message.
The cybersecurity company is concerned about the massive manipulations that could be carried out taking advantage of this error and recalled the cases of false rumors spread in recent years through this application, in countries such as India and Brazil, which led to lynchings of people.
WhatsApp said in a statement that it had “carefully examined this problem […] There is no security problem in the encryption of the application , which guarantees that only the sender and receiver can read their message exchange”.
Greater danger in groups
CheckPoint highlighted the consequences that such a failure could have at times like an election period, since “WhatsApp plays an increasingly important role there, particularly in developing countries”.
“In the important groups, to which cascades of messages are sent, there is little chance that a member takes the time to verify one of the information disseminated, so he could easily be fooled,” the company adds.
In this sense, WhatsApp affirms that it takes “the challenge of misinformation in a very serious way and that it recently integrated a limit in the message chains and modified the chat groups”. “We also veto users who try to modify the application to circumvent these limits,” he adds.
WhatsApp, founded in 2009 and acquired by Facebook in 2014, said earlier this year that it had more than 1,500 million users and that 65,000 million messages a day are exchanged in its application