Skip to main content
  1. Home
  2. News

Hackers can fake WhatsApp messages that seem like they’re from you

Allison Matyus
By

A WhatsApp security vulnerability could allow someone to intercept or manipulate your personal messages to make it look like you said something you didn’t.

A 2018 report from Check Point Research found three vulnerabilities within the popular Facebook-owned app. Check Point found that an attacker could: 

Recommended Videos

“ 1. Use the ‘quote’ feature in a group conversation to change the identity of the sender, even if that person is not a member of the group.

Related

2. Alter the text of someone else’s reply, essentially putting words in their mouth.

3. Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it is visible to everyone in the conversation.”

Check Point said that after alerting WhatsApp to the issues, the app fixed the third vulnerability, but the other potential problems that could lead to online scams and fake news still remain. 

WhatsApp is a messaging app that provides end-to-end encryption, free internet-based international calling, and cross-platform compatibility. Check Point says that because the app encrypts messages, videos, calls, photos and more, the vulnerabilities it found will persist.

WhatsApp says the issues that Check Point describes as “of the utmost importance and require attention” are not an actual vulnerability.  

“We carefully reviewed this issue a year ago, and it is false to suggest there is a vulnerability with the security we provide on WhatsApp,” a Facebook spokesperson told Forbes. “The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private, such as storing information about the origin of messages.”

In May, another WhatsApp security flaw was found that enabled surveillance software to be placed on a user’s phone using the app’s call feature. WhatsApp fixed the vulnerability and advised users to update their app to the latest version.

Digital Trends reached out to WhatsApp to comment on the recent security vulnerabilities and to see if the remaining issues will be fixed, and this story will be updated upon a response. 

Editors' Recommendations

Topics
Allison Matyus
Allison Matyus
Former Digital Trends Contributor
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
WhatsApp launches crypto-powered mobile payments in the U.S.
WhatsApp Messenger on an iPhone.

WhatsApp has launched a digital payments pilot in the U.S., allowing a limited number of people to send and receive money with the same ease they would a regular message. This payment feature is powered by the Meta-owned Novi digital wallet service, which uses Pax Dollars (USDP) to facilitate transfers, and they all go through instantly.

Meta launched Novi back in 2020, saying, "With Novi, sending money will be as easy as sending a message. You’ll be able to use Novi as a stand-alone app, as well as in Messenger and WhatsApp. There will be no hidden charges to add, send, receive or withdraw money, and your transfers will arrive instantly. All Novi customers will be verified using government-issued ID, and fraud protections will be built in throughout the app."

Read more
WhatsApp upgrades its disappearing messages feature
WhatsApp

WhatsApp will now allow you to make your messages vanish for all new chats. It's a feature that means that all messages sent within a conversation will disappear after a period of time, with the company letting you choose between a day, a week, or three months.

"As more of our conversations move from face-to-face to digital, we acknowledge there is a certain magic in just sitting down with someone in-person, sharing your thoughts in confidence, knowing you are both connecting in private and in that moment. The freedom to be honest and vulnerable, knowing that conversation isn’t being recorded and stored somewhere forever," the WhatsApp team explained.  The feature is rolling out now on iOS and Android. Enabling it is done by opening the WhatsApp settings and navigating to Account>Privacy>Default Message Timer.

Read more
WhatsApp finally enables its long-awaited multidevice feature for certain users
WhatsApp chat transfer on Mac and iPhone.

After Meta's Mark Zuckerberg confirmed that WhatsApp would be receiving multidevice support this year, WhatsApp has finally unveiled the feature, though with certain limitations.

The new multidevice feature has been rolled out to all users on iOS and Android who are using the WhatsApp business app or WhatsApp Beta for Android with either version 2.21.23.10 or 2.21.23.

Read more