WhatsApp, the world’s most popular messenger, has a major vulnerability. Specialists have shown how you can impersonate you in a group chat. This opens the way for fraud, misinformation and attacks against a specific person. The vulnerability was discovered a year ago and can still be exploited.
Analysts who found a vulnerability in the communicator also came up with several ways to exploit it. One of them is putting words in your mouth … as far as you can say in text communication. Cyber criminals can send messages that look like they came from you.
WhatsApp is susceptible to quoting
There are two ways to cheat. The attacker can use quotes in a group conversation and change the user ID to his own. The text you write will then look like a message from him. You don’t even have to be a member of this group.
The second way is to replace the text in your reply. What you have written can be edited by the attacker when quoting. The original statement you see will remain unchanged, but the modified version will reach the addressee.
The vulnerability was found by analysts from Check Point. The effects of the exploits showed at a conference for ethical hackers “Black Hat” in the US.
WhatsApp still has this vulnerability
In addition, specialists found a way to cheat by mixing private and public messages. This vulnerability has already been patched by Facebook and poses no threat. The two vulnerabilities described above are unlikely to be patched, at least not in the near future.
Professional hackers informed Facebook a year ago. Fixing the citation flaws is, however, “impractical” from Facebook’s point of view. Encryption of end-to-end conversations in this case is a disadvantage of the messenger. The message substitution attack exploits the fact that chat participants have access to a decrypted version of the message. Facebook cannot access it, so it can’t check if it has been changed.
The risk is not high
Fortunately, conducting an attack requires more than quoting someone in a conversation. Attackers must first capture the cryptographic keys. They can do this by pairing WhatsApp in the browser with the phone using a QR code.
The private key and public key are generated just before showing the QR code. After scanning the code, the application on the phone sends a secret parameter to the application in the browser. This set allows you to decrypt messages sent by WhatsApp on the fly.
Then the attacker needs to focus on intercepting network traffic with your group conversations. This data will help prepare tools for manipulating your statements.
The risk that this vulnerability will be used for real attacks is low. However, this is not impossible. The more people talk in a group, the less secure chat is.
I am William, I live in Roubaix, France, I have two wonderful children and also a beautiful wife whom I love the most in the world. I work in a French company on a daily basis and deals with the administration of computer systems, on my blog you will find entries on various topics but mainly on topics related to mobile technologies, computer systems, news and more.