WhatsApp Quote Feature Vulnerability is a Serious Threat! Helps Fake News

Written by Nitish Singh
Last updated September 23, 2021

With a rise in fake news on popular social messaging app WhatsApp, security company Check Point Research identified some critical vulnerabilities that can make matters worse for the Facebook-owned app. The security company identified three different methods of intercepting messages, which can lead to a rise in misinformation on the platform. All three of the methods make use of social engineering tactics, allowing users to alter texts of replies.

The research team at Check Point managed to identify the encryption method used by WhatsApp and used three manipulation methods to intercept conversations. By converting the protobuf2 encryption data to a different platform, the security researchers were able to send and manipulate the encryption keys to check in on WhatsApp’s security methods.

The first manipulation method involves spoofing replies in conversations to spoof other group members or non-existing members. The second method involves manipulating the chat messages by sending replies to oneself on someone else’s behalf. The last manipulation method involves sending messages to select users in a group only. The messages can be intercepted before they are actually sent to the WhatsApp servers, and some data can be tweaked to choose which members of a group get access to what you send them.

All three vulnerabilities have been detailed including a step by step process which explains how attacks can take place on WhatsApp. Check Point also explained the encryption and decryption process of the app and how they can be manipulated to a user’s liking.

What do you think about the vulnerabilities found in WhatsApp? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: