Researchers at the company Check Point have discovered a vulnerability in WhatsApp, which allows third parties to intercept messages and manipulate them, for example, changing their contents. This creates a risk of misinforming the other users of the service and compromise of those who sent the altered message.
According to experts, they were able to discover three method of operation of the described vulnerability:
— Sending group chat messages on behalf of users, it does not even consist of;
— Change the content of the text is already sent;
— Imitation send them a private message, the answer to which will be published in a group chat
Correspondence in WhatsApp
The interception of messages by attackers became possible due to flaws in the encryption Protocol protobuf2, say researchers at Check Point. Protobuf2 converting to Json, the experts were able to access the actual parameters of the messages, exploiting it in any of three ways described above. Until now, the bug is still not fixed.
To discuss this and other news Android in our Telegram chat.