A newly discovered WhatsApp bug allows hackers to infiltrate and send messages to their group chats and private conversations.
If combined with other existing technical flaws, the vulnerability could allow cyber criminals to pretend to be you and send fake messages to friends and family, security experts warned.
The researchers who unearthed the error believe that it is of the greatest importance. WhatsApp solves the problem, since it could be used to quickly spread the wrong information.
The company, owned by Facebook, says it is aware of the flaw, but has no plans to correct the problem, since exploited vulnerability is a fundamental part of the design of the application.
Scroll down to watch the video
A new WhatsApp bug allows hackers to infiltrate their group chats and private messages. Failure means that attackers can send messages (left) and quote (right) on behalf of another person
Discovered for the first time by the Israeli cybersecurity group CheckPoint Research, the flaw is incredibly complex and involves a gap in the application's encryption algorithms.
Writing to their website, the team said the vulnerability could allow a hacker to intercept and manipulate messages sent by those in a group or in a private conversation, as well as "create and disseminate misinformation."
Hackers could use the error to alter the text sent in another person's response to a group conversation, essentially "putting words in the mouth," the group said.
The function & # 39; appointment & # 39; WhatsApp can also be used to change the identity of the sender, so that it seems to come from a person who is not even part of the group.
By doing this, it would be possible to incriminate a person or close a fraudulent deal, for example.
Finally, cyber criminals could send a private message to another participant in the group that disguises itself as a public message for everyone, so that when the target person responds, it is visible to everyone in the conversation, said CheckPoint.
HOW COULD HACKERS USE THE NEW WHATSAPP FLAW?
A team of Israeli researchers has discovered a vulnerability in WhatsApp that allows hackers to infiltrate group chats and private messages.
They say that a sufficiently motivated hacker can:
1) Alter the text of another person's response to a group chat, essentially putting words in their mouths.
2) Use the & # 39; quote & # 39; in a group conversation to change the identity of the sender, so that it seems to come from a person who is not even part of the group.
3) By doing this, it would be possible to incriminate a person or close a fraudulent deal, for example.
4) Send a private message to another group participant that is disguised as a public message for everyone, so that when the target person responds, it is visible to everyone in the conversation.
The vulnerability is incredibly complex and implies a gap in the way in which the web and mobile versions of WhatsApp are communicated.
CheckPoint discovered that hackers can be inserted into the code between the two to retrieve and send fake messages from the service.
WhatsApp said that currently has no plans to correct the vulnerability as it forms a central part of the & # 39; design framework & # 39; of the application.
The firm assured users that the gap does not affect its end-to-end encryption: the system that guarantees that only users of a conversation can read their messages.
"We carefully review this problem and it is the equivalent of altering an email so that it looks like something a person never wrote," said a WhatsApp spokesperson.
The company, owned by Facebook, says it is aware of the flaw, but has no plans to fix it, since the vulnerability is a central part of the design of the messaging application (stock image)
"This claim has nothing to do with the security of end-to-end encryption, which ensures that only the sender and the recipient can read the messages sent by WhatsApp."
The report of the failure occurs when the company, owned by Facebook, faces increasing scrutiny over the use of its popular service as a tool to spread false news.
WhatsApp is a convenient platform through which to forward messages to large groups of people.
Last month, the application announced the limits of forwarding messages after pressure from the Indian government on an avalanche of recent lynchings
More than 20 people have been murdered in the last three months by crazy fanatics after being accused of kidnapping children and other crimes in viral messages circulating wildly on WhatsApp.