Check Point Research discovered multiple vulnerabilities in the most popular messaging app in the world, WhatsApp, allowing attackers to alter the content of messages sent in both private as well as group chats.
The flaws allow attackers to abuse the “quote” feature in a WhatsApp group conversation, to alter the identity of the sender, to alter the content of members’ reply to a group chat, or to send private messages to one of the group members disguised as a group message.
Check Point was able to discover these flaws by decrypting the communications between the mobile and desktop version of WhatsApp.
The security experts pointed out that the flaws could not be exploited to access the content of end-to-end encrypted messages, because in order to exploit them, the attackers must already be part of group chats.
Read more about it here.