large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Your WhatsApp messages can be manipulated, researchers warn

Are your WhatsApp messages what they seem? Check Point Research has found a vulnerability in the popular messaging app that apparently allows malicious parties to “intercept and manipulate” messages sent via the platform.

In its latest research, Check Point’s team revealed that by exploiting weaknesses in the communication between WhatsApp and the web-based version, an attacker could manipulate messages in a number of ways. By using the quote feature from group conversations, an attacker could change the identity of a message sender, for example, or alter the text of someone else’s reply.

Most damagingly of all, it allows a hacker to send a private message to a group participant disguised as public message, tricking them into a public response. It plays out something like this, in Check Point’s innocuous example:Two smartphones showing how a message on Whatsapp appears to be part of a group chat but is in fact private

In reality, there’s potential for far more nefarious purposes than disrupting surprise party planning.

WhatsApp has more than 1.5 billion users chatting in over a billion groups worldwide. “With so much chatter, the potential for online scams, rumours and fake news is huge,” the researchers argue. It gives threat actors “immense power to create and spread misinformation from what appear to be trusted sources.”

“We believe these vulnerabilities to be of the utmost importance and require attention,” the researchers explain.

Related: Best VPN

The researchers told Facebook-owned WhatsApp of their findings following the process of Responsible Disclosure, but have some general tips for people concerned that their conversations may be hijacked. Cross-check what you read on social media with your own research, but remember misinformation spreads faster than truth.

Finally, the age-old adage remains the same: if something sounds too good to be true, it usually is.

Are you worried your WhatsApp conversations could be listened in on or intercepted? Let us know on Twitter: @TrustedReviews

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.