Fake news has been plight of WhatsApp for some time now. So much so, that the instant messaging application had to introduce some radical checks in India, one of its biggest markets, to prevent the spread of fake news. From labelling forwarded messages to limiting message forwarding, the Facebook subsidiary has been trying a new host of features to put an end to misuse of the messaging platform. A recent revelation, however, has raised security concerns anew for WhatsApp.
An Israeli cybersecurity research firm, Check Point Research, discovered security loopholes in WhatsApp that can be exploited by hackers to "intercept and manipulate messages sent in both private and group conversations". In its report, the firm said that this security flaw can be used to propagate fake messages under the guise of what would appear to be a bona fide source.
WhatsApp provides end-to-end encryption for both private and group conversations so that they cannot be read or manipulated by any third party, even WhatsApp. The ability to surpass these safeguards could lead to severe breach of privacy, and even unchecked spread of fake news.
As per the Check Point Research report, the one of the methods to exploit these vulnerabilities in WhatsApp could be to use the 'quote' feature in a group conversation to change the identity of the sender, even if that person is not a member of the group. Hackers can also alter the text of someone else's reply, essentially putting words in their mouth, or send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it's visible to everyone in the conversation, the report added.
Check Point Research said that it has informed WhatsApp about the shortcomings in its security framework under the process of Responsible Disclosure.
In response to these security concerns, WhatsApp was quoted as saying in a NDTV report, "We carefully reviewed this issue and it's the equivalent of altering an email to make it look like something a person never wrote."
The messaging application, however, added, "This claim has nothing to do with the security of end-to-end encryption, which ensures only the sender and recipient can read messages sent on WhatsApp."
Edited by Vivek Punj
For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine
27 Nifty firms clocked 7% growth in Q4 profit; leaders & laggards
BFSI, tech, and SIPs: Kotak’s equity head reveals where the smart money is moving
India can absorb the heat, Pakistan’s economy can't handle, says Moody’s on rising tension
Warren Buffett to stay as Berkshire chairperson; Greg Abel to become CEO next year
KPIT, Tata Tech, LTTS, Tata Elxsi: What Kotak says on ERD services players
End Of An Era | Warren Buffett Steps Down After 60 Years | Greg Abel To Take Over Berkshire Hathaway
Market Masters: Devina Mehra On Investment Strategy Amid Volatility, Indo-Pak & Trump Tariffs
Adani Ports & Total Gas Lead Market Gains: Here's Why
ICICI & HDFC Bank Surge | Expert Take On Rate Cuts, Sector Outlook & SBI
M&M Q4 Earnings | Profit Up 20% At ₹2,437 Crore, Revenue Up 25% At ₹31,353, ₹25.30/Share Dividend
V-Mart Retail shares slipped 6% today; here's what analysts say
IRCON International secures Rs 187 crore order from KSITIL; details here
Glenmark's research arm gets USFDA fast track status for new drug to treat multiple MyelomaWarren Buffett to stay as Berkshire chairperson; Greg Abel to become CEO next year27 Nifty firms clocked 7% growth in Q4 profit; leaders & laggards