A new vulnerability has surfaced in WhatsApp’s encryption method that allows attackers to alter messages and user identities in group chats. This could prove devastating as attackers could potentially harm people sending false texts.
Security researchers at CheckPoint Research discovered the vulnerability. They explained in a blog post how “quote” feature can be used to modify the existing replies in a group conversation so it appears that it came from another user who may or may not be part of the group.
This hack could also be used to send private messages to an individual in a group in a way that it is visible to only one person in that group. But when that targeted individual replies, his or her replies could be seen by everyone in the group.
How does the attack work?
Since WhatsApp encrypts the messages, the researchers first had to decrypt the network request. Even then messages between users are secure so a local client still needs to decrypt the message and this is where the researchers reversed the encryption. Later, they locally decrypted the network requests to determine how communication is done and find out the variables used when a message is sent.
These variables can be manipulated to modify the messages and alter the order in which they appeared to confuse the recipient. For further demonstration of this attack, check out the video below that was created by the CheckPoint team.