WhatsApp has reportedly acknowledged a software bug which allows hackers to impersonate users, and send fake group messages and/or private texts.
Discovered by Israeli cybersecurity firm, CheckPoint Research, the flaw is deeply embedded within WhatsApp’s ‘design framework’, and is of “utmost importance”.
The firm asserts hackers can use the bug to alter a user’s reply, ‘putting words in someone’s mouth.’
WhatsApp’s ‘quote’ feature can allegedly be used to change a sender’s identity, seeming as though it was sent from outside a group.
CheckPoint Research claims the bug makes it possible for hackers to close fraudulent agreements or incriminate a user.
As per the New York Post, WhatsApp has “acknowledged” the flaw, adding it’s part of the app’s “design framework”, while remarking its open to further discussion.
A WhatsApp spokesperson claims the loophole does not affect end-to-end encryption, with no plans currently in play to fix the vulnerability.
The news comes as WhatsApp parent company, Facebook, continues to combat allegations of fake news and misinformation spreading. Checkpoint claims the latest WhatsApp bug is at risk of further proliferating matters.