contador web Saltar al contenido

Hacked version of WhatsApp makes it possible to change messages already sent

Being the largest messaging app in the world synonymous with attention and, of course, the Whatsapp is in the center of it. Among the various problems involving a service of this magnitude, those related to the safety of its users are certainly a cause for concern.

Recently, the web security company CheckPoint Software Technologies claimed to have discovered a ?flaw? that makes it possible scammers change the content and identity of the sender of a private message that has already been sent, as disclosed by the New York Times.

To accomplish this feat, a hacked version of WhatsApp was created, which obviously was not released or disseminated through which criminals would be able to reply to a past message that does not exist, giving the impression that someone, at some point in the conversation, sent it. Facebook has already recognized that it is possible to manipulate the option that allows you to reply to a specific message within conversations, but disagreed that this may indicate a failure. Still, the company added by saying that it is working to find and remove anyone using an adulterated version of WhatsApp to ?fake the service?.

CheckPoint raised another vulnerability involving the misuse of the messenger, this time involving a group conversation, in which a person would be able to send a message to another specific member of that group, making him believe that all members of that conversation also saw the message and answered it, when in fact it was delivered to just one person. WhatsApp minimized the concerns raised by the security company, saying that most people know the recipient of messages sent by the service.

In the video below (in English), made by CheckPoint, it shows how hackers manage to falsify and adulterate messages in groups, and how this problem can affect the spread of false news (fake news) by the application:

Facebook also indicated that a person can check the validity of a replied message by clicking on it, leading them to the point of the conversation when the message was sent. This feature will not work, of course, unless the message has been deleted or if you were not participating in the group when the message was sent. Nevertheless, it seems that these problems are not cause for fanfare, since the issue seems limited to security experts. Both Facebook and CheckPoint said they did not record cases of regular users creating fake chats.

Regarding the solution of these potential problems, Facebook said that the possible corrections would not be worthwhile, since they would involve creating a transcript of all messages exchanged in the app to validate each one. In addition, transcribing messages poses a significant risk to user privacy, considering that these messages should be stored somewhere.

But is it worth taking the risk? Last month, Facebook announced a test for WhatsApp that limits the forwarding of messages between users, especially those in India and the country with the largest number of customers of the service. Among the reasons that led to this decision is the spread of false news (fake news) through the app, responsible for 17 deaths in the country and several cases of violence in other regions.


WhatsApp Messenger app icon

via CNET