WhatsApp app logo displayed on a phone
The Facebook Inc. WhatsApp application is displayed in the App Store on an Apple Inc. iPhone | Photo: Andrew Harrer | Bloomberg
Text Size:

New York/San Francisco: A cybersecurity firm says it has identified flaws in the popular messaging app WhatsApp that could allow hackers to manipulate messages in both public and private conversations, raising the prospect of misinformation being spread by what appears to be trusted sources.

Check Point Software Technologies Ltd., an Israeli company that provides security for computer networks, said its researchers found three potential ways to alter conversations. One uses the “quote” feature in a group conversation to change the appearance of the identity of a sender. Another lets a hacker change the text of someone else’s reply. And the other, which has been fixed, would let a person send a private message to another group participant disguised as a public message to all, so when the targeted individual responded, it was visible to everyone in the conversation.

A WhatsApp spokeswoman declined to comment.

The flaws could have significant consequences because WhatsApp has about 1.5 billion users, and is used for personal conversations, business communications and political messaging, said Oded Vanunu, Check Point’s head of products vulnerability research.

Check Point said it alerted WhatsApp, which is owned by Facebook Inc., about the flaws late last year. But the company said only one of the flaws — disguising a private message as one that becomes visible to an entire group — has been addressed. Vanunu said his company is working with WhatsApp, but the other problems were difficult to solve because of the messaging app’s encryption. -Bloomberg

Also read: Worried about leaks, Indian Army asks personnel to avoid large groups on WhatsApp


ThePrint is now on Telegram. For the best reports & opinion on politics, governance and more, subscribe to ThePrint on Telegram.

Subscribe to our YouTube channel.

Share Your Views


Please enter your comment!
Please enter your name here