Last year, researchers highlighted a WhatsApp vulnerability that can let an attacker alter users’ conversations. Despite disclosure, Facebook failed to fix the flaws. This year, researchers have deployed a WhatsApp Protocol Decryptor tool as well. The tool makes it much easier to exploit the flaw, as well as to decrypt the famous WhatsApp encryption.
Researchers at Check Point Research have deployed a WhatsApp Protocol Decryptor tool for the public. This tool makes the decryption of WhatsApp conversations and the subsequent manipulation possible.
In August 2018, the researchers reverse-engineered WhatsApp code and decrypt its protocol. Furthermore, they were able to find a vulnerability that made it possible to meddle with users’ conversations in real-time. As stated in their blog post,
They shared a video detailing how an attacker can exploit the bug to manipulate conversations in three different ways.
Now, this year, at the Black Hat USA 2019, they have made a Burpsuite Extension, which they created last year.
The WhatsApp Protocol Decryption Burp Tool is available at the following GitHub link.
Although, it’s been a year since the disclosure of the WhatsApp vulnerability and the exploit. Yet, Facebook didn’t work on a suitable fix. Facebook made it clear that the issue might not receive a fix owing to ‘infrastructure limitations’, according to BBC.