Profile Informations

Login Datas

or login

First name is required!
Last name is required!
First name is not valid!
Last name is not valid!
This is not an email address!
Email address is required!
This email is already registered!
Password is required!
Enter a valid password!
Please enter 6 or more characters!
Please enter 16 or less characters!
Passwords are not same!
Terms and Conditions are required!
Email or Password is wrong!

WhatsApp Is Vulnerable To Hack That Could Allow Attackers To Put Words In Your Mouth

WhatsApp bills itself as a free and secure messaging application with end-to-end encryption and cross platform support, all of which have made it a popular option. However, it may not be as secure as advertised. Vulnerabilities that were disclosed last year have still not been addressed, and if abused, could allow an attacker to spoof messages.
Researchers at Check Point disclosed the a trio of attack vectors last year, explaining that they could enable a hacker to change a user's messages, change a sender's identity, and make private messages viewable to the public. One of those has been addressed, but two of the attack vectors still remain, as researchers recently demonstrated at the Black Hat USA 2019 conference in Las Vegas.

"WhatsApp end-to-end encryption ensures that only you and the person you’re communicating with can read what’s sent, and nobody in between, not even WhatsApp. However, we managed to reverse-engineer WhatsApp web source code and successfully decrypted WhatsApp traffic," Check Point researchers Roman Zaikin and Oded Vanunu said.

The researchers manipulated the encryption scheme that WhatsApp uses, converting the "protobuf2" protocol to Json. This allowed them to see what was going on underneath the hood, and opened the door to messaging shenanigans. One of the things this makes possible is altering the text of a user's reply, "essentially putting worlds in their mouth."

"During the process we unveiled new vulnerabilities that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources," the researchers added.

WhatsApp got scooped up by Facebook in 2014 for $19 billion. The messaging platform boasts over 1 billion users in over 180 countries, which makes these kinds of vulnerabilities all the more worrisome. Hopefully the attention this is receiving will prompt Facebook to finally fix the remaining security flaws.

Go to Source