10 Aug WhatsApp Flaw Allows Attackers to Change Chat Messages
Checkpoint researchers recently disclosed a vulnerability which can allow attackers to alter messages in a WhatsApp chat to appear that it came from another user who is not part of the group, or sending private messages that can be seen by only one person, but have their replies forwarded to everyone in the group.
The researchers said that they were able to reverse WhatsApp’s encryption, then locally decrypt the network requests. Once they were able to see what variables were being used when a message is sent, they were able to manipulate the variables to modify messages or change its appearance to confuse recipients.
The researchers, who uploaded a video demonstration of the attack on YouTube, said that the bug can only be exploited by users in the conversation.
Source: Bleeping Computer