Each day, 65 billion messages are sent every day through WhatsApp , a figure that makes us think that our conversations are a tiny drop in an immense ocean of 0 and 1 and that therefore no one is going to stop or bother read what we write, beyond our interlocutors. Despite this, WhatsApp has for some time been presuming that its messages are encrypted from point to point , and therefore are protected from enemies of others, but this may not be entirely true.
And is that made the law made the trap, and now it has been discovered (or has been brought to light, put to distrust) a new vulnerability in WhatApp that would affect the encryption algorithm used by the platform and that allows someone to impersonate our identity .
Beware, they could be intercepting your messages
We do not want to create alarmism, but if we have ever noticed that someone could be manipulating our conversations or we have suffered misunderstandings with someone after talking with WhatsApp, maybe there is some black hand willing to complicate our lives a little.
According to researchers from the security firm “Check Point” , there is a vulnerability in WhatsApp security protocols that allows access to them, edit them and send them with modified content.
According to this security firm, the protocols used by WhatsApp can be accessed and transformed, allowing a kind of reverse engineering capable of modifying those protocols to our liking.
The truth is that a priori it is quite easy to prove the falsity of a message that has arrived modified if we send a capture with the message that we had originally sent, but the problem is if our attacker decides to also intercept all the messages that we can send in our defense , in which case we would have to show our mobile phone in person to the recipient of our conversation to demonstrate that we have not been the authors of the manipulated message or to use an alternative way to send said screenshot.
This vulnerability could be more harmful if it is used to spread false stories massively under the supposed authorship of another person, since in this case, as we are not aware of the deception, manipulated information could reach many people before we have the opportunity to prove our innocence.
According to Check Point, there are several scenarios where this vulnerability could be used in a harmful way, such as altering the messages of a person in a group , creating messages with a modified author or even sending private messages to a member of a group making them believe that it is a public message so that it responds and its response is read by said group.
The security firm has already contacted WhatsApp managers, but in the meantime they recommend that we remain alert about the content of our messages.
For now the responsible for this messaging platform have not made any statement, but they have recognized the existence of the problem , so it should not be too long until a security patch is available to fix the vulnerability. By the way, there are also other messaging platforms that we could use in the meantime, maybe it’s a good time to give them a chance.
We leave you with a demonstrative video of the vulnerability: