Security researchers have found an exploit in WhatsApp which would let hackers send fake messages from users without their knowledge…
Apparently, there are flaws in WhatsApp security researchers revealed at this year’s Black Hat conference which make it possible for strangers to send messages from users.
WhatsApp Security Flaws can Send Fake Messages
Check Point Research says it has discovered three different ways to exploit the vulnerability, which includes sending fake messages.
The Next Web explains how the attack works:
“The researchers exploited the web version of WhatsApp that allows users to pair their phone using a QR code.
By obtaining the private and public key pair created before a QR code is generated, and the “secret” parameter that is sent by the mobile phone to WhatsApp Web while the user scans the QR code, the extension makes it easy to monitor and decrypt communications on the fly […]
Once the web traffic — containing details like participant details, the actual conversation, and a unique ID — is captured, the researchers said the flaws allowed them to spoof message replies, alter message content, and even ‘manipulate the chat by sending a message back to the sender on behalf of the other person, as if it had come from them.'”