Posted on August 10, 2018 at 7:40 AM
Hackers could find a way of hacking and exploit WhatsApp chats both on the web and our phones thanks to their ability to a surmount barriers that the current end-to-end encryption offers in the microblogging platform, The Sun reports.
Security experts at Check Point have discovered that hackers can actually manipulate current security protocols to infiltrate group chats and possibly impersonate you in the group with an intention of sending phony messages in your group forum.
How could hackers do it?
By reversing the algorithm that WhatsApp employs to encrypt communication data, cybersecurity analysts at Check Point were able to carry out three trial attacks on the platform. They succeeded in infiltrating a group and changing the identity of a member, altering a member’s response to a group chat thereby altering the message and sending what would appear as a genuine message to a member of the group such that the person’s response to the group is seen by the entire membership of the group.
The researchers explained,
By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This allowed us to then be able to manipulate them and start looking for security issues.
Think about the alarm that a chat message from a member could cause when admin asks how everyone is fairing only for a hacker to sneak in a message of an accident or kidnap. How bad can’t that get? Nothing can be worse than a shrewd hacker literary putting words in your mouth, may be calling for a quick response from your friends without your knowledge. How terrible!
The danger posed
Is it a big deal? Well inasmuch as what goes in group chats is nothing serious other than occasional sharing of GIFs and the usual chatter, users will always be sensitive to anything annoying, and what Check Point cybersecurity analysts exposed is a perfect way of annoying members to an extent where they leave in droves.
The real peril is having hackers getting right into conversations that do not concern them and not just that, going ahead to cause confusion. Fake WhatsApp messages caused lynching and death in India early in the year and that is the possible hazard that such hackers can pose.
Amid the concern, Check Point made a point of informing WhatsApp about the possible vulnerabilities in their security infrastructure. WhatsApp is known for churning out tips that help users to keep up with group chats. Recently, they assured users about their safety and advised them to report suspicious activity on chat forums or even block users from whom suspicious messages emanate.
It remains to be seen how successful users would be in spotting fake messages on WhatsApp. Is it their responsibility? It is the high time WhatsApp did more to check such risky vulnerabilities in their app. What do you think?