Multiple loopholes and security vulnerabilities in WhatsApp could have allowed people to alter the text of someone's message and inject malicious code in a user's browser, cybersecurity researcher Gal Weizman revealed in a blog post on February 4. Weizman had reportedly informed Facebook about this last year and the company has since dealt with the issues in the application. The report was first covered by The Hacker News. Key Findings The research by Weizman revealed important loopholes and security flaws, mostly in WhatsApp web, the application's browser version. Some of these include: Altering the text of a message: By manipulating the metadata of the object containing a message, one could basically reply to messages that were never a part of the conversation. For instance, it would allow a user to quote a made-up message (using the reply feature on WhatsApp) that was never written. Tampering with preview banners and links in messages: WhatsApp shows previews of links (with information regarding the link) that are sent as part of messages. A security flaw allowed one to tamper with the banner properties before the message is sent. Basically, by exploiting this vulnerability, it is possible to mislead users about the content of the link by showing the banner of a different link. For instance, hackers could send the link www.hacker.com, but the message would instead show a preview banner of www.facebook.com. Such a misleading preview could prompt the user to click on a malicious link in a message. Moreover, it was also possible to tamper with the…
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...