Security experts have warned that WhatsApp messages can be altered without the user’s knowledge due to a flaw in the messaging app’s systems.
Researchers from Check Point have revealed that vulnerabilities in WhatsApp could allow hackers to gain access to a user’s conversations and alter the content within.
The flaw, published at the Black Hat security conference in Las Vegas, could affect both private and public chats, potentially leading to the spread of false information or “fake news” by what were thought to be trusted sources.
Check Point says that it found three different potential ways to alter WhatsApp conversations, all of which can be exploited using a particular tool that affects the app’s quoting feature.
The first flaw looks to change how a message’s sender is identified, allowing hackers to mis-attribute a message, with the second allowing third parties to change the text of a user’s reply.
Also uncovered was a flaw that allows a user to send a private message to another group participant disguised as a public message to all – meaning that when the targeted individual responded, their reply was visible to everyone in the conversation.
Check Point says this third flaw has now been addressed, and it is working with WhatsApp to tackle the others. WhatsApp has yet to comment on the news, but the company has faced criticism recently for failing to halt the spread of fake news on its service.
The app has over 1.5 billion users worldwide, meaning it has a huge possible customer base that could be affected by the flaws.